Submitted URL: http://whereisxur.com/
Effective URL: https://whereisxur.com/
Submission: On November 17 via api from US — Scanned from DE

Summary

This website contacted 78 IPs in 10 countries across 58 domains to perform 378 HTTP transactions. The main IP is 2606:4700:3036::6815:4aa2, located in United States and belongs to CLOUDFLARENET, US. The main domain is whereisxur.com.
TLS certificate: Issued by E1 on October 4th 2023. Valid for: 3 months.
This is the only time whereisxur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
28 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
22 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700:440... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
31 146.75.118.167 54113 (FASTLY)
20 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:e4:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
57 2600:9000:211... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2.19.85.120 16625 (AKAMAI-AS)
2 2600:9000:223... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
16 108.156.60.116 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
6 52.222.208.154 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 13.32.27.78 16509 (AMAZON-02)
1 132.226.214.62 31898 (ORACLE-BM...)
7 2a00:1450:400... 15169 (GOOGLE)
1 18.202.122.243 16509 (AMAZON-02)
5 44.224.132.134 16509 (AMAZON-02)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.185.198 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 13.32.99.44 16509 (AMAZON-02)
1 3 18.245.60.72 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
2 3 37.252.173.215 29990 (ASN-APPNEX)
2 99.86.4.30 16509 (AMAZON-02)
17 2600:9000:225... 16509 (AMAZON-02)
7 2600:9000:206... 16509 (AMAZON-02)
6 34.107.254.252 396982 (GOOGLE-CL...)
2 184.30.211.26 16625 (AKAMAI-AS)
2 18.155.129.39 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 52.48.43.143 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
9 2600:9000:23d... 16509 (AMAZON-02)
2 3.73.250.101 16509 (AMAZON-02)
1 185.86.139.116 201081 (SMARTADSE...)
1 69.173.144.137 26667 (RUBICONPR...)
1 37.157.5.133 198622 (ADFORM)
1 3.72.190.56 16509 (AMAZON-02)
1 172.64.151.101 13335 (CLOUDFLAR...)
2 2607:ae80:192... 26558 (FREEWHEEL)
1 18.66.138.185 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
3 162.19.138.83 16276 (OVH)
1 3.33.220.150 16509 (AMAZON-02)
2 95.101.149.233 16625 (AKAMAI-AS)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 1 35.214.188.95 15169 (GOOGLE)
4 185.86.139.93 201081 (SMARTADSE...)
2 3 3.126.169.233 16509 (AMAZON-02)
1 1 54.165.170.24 14618 (AMAZON-AES)
2 2 37.157.2.228 198622 (ADFORM)
1 1 46.228.164.11 56396 (AMOBEE)
1 141.95.98.65 16276 (OVH)
1 69.173.144.165 26667 (RUBICONPR...)
378 78
Apex Domain
Subdomains
Transfer
58 twitchcdn.net
static.twitchcdn.net — Cisco Umbrella Rank: 10411
k.twitchcdn.net — Cisco Umbrella Rank: 18274
2 MB
33 twitch.tv
embed.twitch.tv — Cisco Umbrella Rank: 67925
gql.twitch.tv — Cisco Umbrella Rank: 8300
passport.twitch.tv — Cisco Umbrella Rank: 12955
368 KB
29 whereisxur.com
whereisxur.com
3 MB
26 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
video.primis.tech — Cisco Umbrella Rank: 6090
rtb.primis.tech — Cisco Umbrella Rank: 5697
3 MB
22 network-n.com
kumo.network-n.com — Cisco Umbrella Rank: 40418
216 KB
20 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
2 MB
16 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4421
157 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
202 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
ad.doubleclick.net — Cisco Umbrella Rank: 154
static.doubleclick.net — Cisco Umbrella Rank: 255
173 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
jnn-pa.googleapis.com — Cisco Umbrella Rank: 207
imasdk.googleapis.com — Cisco Umbrella Rank: 447
435 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
144 KB
7 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2165
cdn.permutive.com — Cisco Umbrella Rank: 2904
192 KB
7 jtvnw.net
static-cdn.jtvnw.net — Cisco Umbrella Rank: 9498
383 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
3 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
69 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
id.crwdcntrl.net — Cisco Umbrella Rank: 2498
25 KB
5 ttvnw.net
video-edge-2c9abf.pdx01.abs.hls.ttvnw.net
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
200 KB
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1492
ka-f.fontawesome.com — Cisco Umbrella Rank: 2891
99 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
1 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
15 KB
4 cdndex.io
reporting.cdndex.io — Cisco Umbrella Rank: 33793
796 B
4 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
22 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
304 KB
3 adform.net
adx.adform.net — Cisco Umbrella Rank: 4418
c1.adform.net — Cisco Umbrella Rank: 599
2 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
31 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 647
mb.moatads.com — Cisco Umbrella Rank: 744
88 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
910 B
2 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 984
313 B
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
19 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
34 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
8 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
269 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
2 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 8447
cdn.pbstck.com — Cisco Umbrella Rank: 8872
18 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
1 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
18 KB
2 metricool.com
tracker.metricool.com — Cisco Umbrella Rank: 27065
788 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
274 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
457 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
266 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
2 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
421 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
16 KB
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
550 B
1 prmutv.co
00917082-71e9-498e-8343-00c3df06b798.prmutv.co — Cisco Umbrella Rank: 218857
391 B
1 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9143
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 permutive.app
00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app — Cisco Umbrella Rank: 71957
246 KB
1 cloudfront.net
d2v02itv0y9u9t.cloudfront.net
76 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
455 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
19 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
378 58
Domain Requested by
57 static.twitchcdn.net embed.twitch.tv
static.twitchcdn.net
29 whereisxur.com 1 redirects whereisxur.com
27 gql.twitch.tv static.twitchcdn.net
k.twitchcdn.net
gql.twitch.tv
22 kumo.network-n.com whereisxur.com
kumo.network-n.com
20 www.youtube.com whereisxur.com
www.youtube.com
16 live.primis.tech kumo.network-n.com
live.primis.tech
16 cdn.privacy-mgmt.com kumo.network-n.com
cdn.privacy-mgmt.com
9 video.primis.tech live.primis.tech
8 jnn-pa.googleapis.com www.youtube.com
7 static-cdn.jtvnw.net embed.twitch.tv
7 www.gstatic.com static.twitchcdn.net
www.gstatic.com
www.youtube.com
7 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
6 api.permutive.com 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
6 c.amazon-adsystem.com kumo.network-n.com
c.amazon-adsystem.com
live.primis.tech
6 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
www.googleadservices.com
www.youtube.com
5 video-edge-2c9abf.pdx01.abs.hls.ttvnw.net k.twitchcdn.net
5 pagead2.googlesyndication.com whereisxur.com
pagead2.googlesyndication.com
imasdk.googleapis.com
4 rtb-csync.smartadserver.com
4 reporting.cdndex.io passport.twitch.tv
gql.twitch.tv
4 ka-f.fontawesome.com kit.fontawesome.com
whereisxur.com
4 www.googletagmanager.com whereisxur.com
www.googletagmanager.com
kumo.network-n.com
3 x.bidswitch.net 2 redirects
3 id5-sync.com live.primis.tech
3 sb.scorecardresearch.com 1 redirects whereisxur.com
3 api.btloader.com btloader.com
3 passport.twitch.tv k.twitchcdn.net
passport.twitch.tv
3 www.google.com whereisxur.com
www.youtube.com
3 securepubads.g.doubleclick.net kumo.network-n.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 embed.twitch.tv whereisxur.com
embed.twitch.tv
3 fonts.googleapis.com whereisxur.com
live.primis.tech
2 secure.adnxs.com 2 redirects
2 c1.adform.net 2 redirects
2 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 ads.stickyadstv.com live.primis.tech
2 btlr.sharethrough.com live.primis.tech
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn.id5-sync.com whereisxur.com
2 cdn.hadronid.net whereisxur.com
2 tags.crwdcntrl.net whereisxur.com
2 secure.cdn.fastclick.net whereisxur.com
2 config.aps.amazon-adsystem.com c.amazon-adsystem.com
2 yt3.ggpht.com www.youtube.com
2 i.ytimg.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 ad-delivery.net whereisxur.com
2 stats.g.doubleclick.net www.google-analytics.com
2 rules.quantcount.com secure.quantserve.com
2 z.moatads.com kumo.network-n.com
z.moatads.com
2 region1.google-analytics.com www.googletagmanager.com
2 secure.quantserve.com whereisxur.com
kumo.network-n.com
2 tracker.metricool.com whereisxur.com
1 token.rubiconproject.com eus.rubiconproject.com
1 lb.eu-1-id5-sync.com live.primis.tech
1 ad.turn.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 csync.loopme.me 1 redirects
1 js-sec.indexww.com live.primis.tech
1 match.adsrvr.org live.primis.tech
1 id.crwdcntrl.net live.primis.tech
1 s0.2mdn.net imasdk.googleapis.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 rtb.primis.tech live.primis.tech
1 htlb.casalemedia.com live.primis.tech
1 grid.bidswitch.net live.primis.tech
1 adx.adform.net live.primis.tech
1 prebid-server.rubiconproject.com live.primis.tech
1 prg.smartadserver.com live.primis.tech
1 a.ad.gt cdn.hadronid.net
1 cdn.permutive.com 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
1 ib.adnxs.com 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
1 00917082-71e9-498e-8343-00c3df06b798.prmutv.co 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
1 cdn.pbstck.com boot.pbstck.com
1 ad.doubleclick.net whereisxur.com
1 p.cpx.to kumo.network-n.com
1 mb.moatads.com z.moatads.com
1 boot.pbstck.com kumo.network-n.com
1 cdn.jsdelivr.net kumo.network-n.com
1 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app kumo.network-n.com
1 btloader.com kumo.network-n.com
1 d2v02itv0y9u9t.cloudfront.net static.twitchcdn.net
1 k.twitchcdn.net static.twitchcdn.net
1 www.google.de whereisxur.com
1 www.googleadservices.com whereisxur.com
1 kit.fontawesome.com whereisxur.com
0 api.rlcdn.com Failed live.primis.tech
378 89
Subject Issuer Validity Valid
whereisxur.com
E1
2023-10-04 -
2024-01-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
kumo.network-n.com
R3
2023-10-10 -
2024-01-08
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-22 -
2023-12-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
twitch.tv
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-01 -
2024-10-02
a year crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
ka-f.fontawesome.com
GTS CA 1P5
2023-11-08 -
2024-02-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
metricool.com
GTS CA 1P5
2023-10-12 -
2024-01-10
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
twitchcdn.net
Amazon RSA 2048 M02
2023-04-10 -
2024-05-07
a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.de
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.twitchcdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-02 -
2024-10-03
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
btloader.com
GTS CA 1P5
2023-10-19 -
2024-01-17
3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3
2023-11-06 -
2024-02-04
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3
2023-06-04 -
2024-06-03
a year crt.sh
passport.twitch.tv
Amazon RSA 2048 M02
2023-05-14 -
2024-06-11
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-06-20 -
2024-07-20
a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2023-01-12 -
2024-01-13
a year crt.sh
spade.twitch.tv
Amazon RSA 2048 M01
2023-05-15 -
2024-06-12
a year crt.sh
api.btloader.com
GTS CA 1D4
2023-10-10 -
2024-01-08
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
reporting.cdndex.io
Amazon RSA 2048 M01
2023-04-12 -
2024-05-10
a year crt.sh
*.prmutv.co
R3
2023-09-01 -
2023-11-30
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
*.primis.tech
Amazon RSA 2048 M01
2023-09-24 -
2024-10-22
a year crt.sh
static-cdn.jtvnw.net
Amazon RSA 2048 M01
2023-03-13 -
2024-04-10
a year crt.sh
api.permutive.com
R3
2023-10-15 -
2024-01-13
3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
hadronid.net
GTS CA 1P5
2023-10-05 -
2024-01-03
3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2023-01-26 -
2024-01-25
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh

This page contains 16 frames:

Primary Page: https://whereisxur.com/
Frame ID: F56921A29C9A9451A70B82DCE607EEA2
Requests: 147 HTTP requests in this frame

Frame: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Frame ID: 46E69ACFCB273296EA73F4E083660F27
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 943286A33EF06AC4139B5A2D383D335E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Frame ID: D22351356005EEE9D58AC9A8C119F618
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/B1gMwejYlJw
Frame ID: A05BF472F652CC247D9F4B7E79DB7D92
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Frame ID: 77D6FF6EDD008C7CD696D2B898B2D811
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/B1gMwejYlJw
Frame ID: 3C2778397869DF9806FFDEBB14EB1598
Requests: 20 HTTP requests in this frame

Frame: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Frame ID: 481ECFBCF3AC209A4E2CEE0344B597C4
Requests: 4 HTTP requests in this frame

Frame: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Frame ID: 34D36308F10C2A10B17D7AC1F63FFD92
Requests: 4 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 8E7390D37D71C01A0ACAB1EAC966E24F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
Frame ID: C4A21DEA0352698AC74C67ECDB2AACBE
Requests: 7 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Frame ID: 490824FAAAE2D804E540C70E528B8B13
Requests: 49 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 19DE320706EC2A348803329D75B78F15
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 193F87E82B811D75C0528B1BC539F991
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: E920CAC47922D4D3872A4CE50C475FD7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1403F64A22476FC58323B4CAE9554631
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Where is Xur? Find Him here and See What He's SellingDelayed Autoplay

Page URL History Show full URLs

  1. http://whereisxur.com/ HTTP 301
    https://whereisxur.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

378
Requests

95 %
HTTPS

52 %
IPv6

58
Domains

89
Subdomains

78
IPs

10
Countries

14678 kB
Transfer

38205 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://whereisxur.com/ HTTP 301
    https://whereisxur.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 158
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 160
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 201
  • https://sb.scorecardresearch.com/cs/25110922/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 365
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=ee2c1d68-e9e9-43f4-8b66-a269175d8acb&gdpr_consent=null&gdpr=0
Request Chain 367
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=JnR7gpP_UZlFj4vJHde1l1FfBSQ&user_group=1&ssp=themediagrid&gdpr=0
Request Chain 369
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3251851254478697778&gdpr=0&gdpr_consent=
Request Chain 370
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3610603145680782508&gdpr=0&gdpr_consent=
Request Chain 371
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8391828075229934461&gdpr=0&gdpr_consent=

378 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
whereisxur.com/
Redirect Chain
  • http://whereisxur.com/
  • https://whereisxur.com/
244 KB
37 KB
Document
General
Full URL
https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c4df500a2107366df34007e5c0cbf531433d7d3ac7725a8b4725c7588f4ef6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=172800
cf-cache-status
DYNAMIC
cf-ray
8279b2230f5f9b3a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 17:29:26 GMT
expires
Sun, 19 Nov 2023 17:09:12 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://whereisxur.com/wp-json/>; rel="https://api.w.org/" <https://whereisxur.com/wp-json/wp/v2/pages/41>; rel="alternate"; type="application/json" <https://whereisxur.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tE5Wbl8zYpNpjDIu5r0biu%2FF39rhXMKBLHu0GrBjvJQEK9%2BwR1RTDk1c7CnhRIXP2HSjKJbTZQXh5Sfj4iH8fjsLCRWisM5%2B9jg%2BQelt1%2FOJw7Wm44Ppk9pRsqA58azNkrnDQjsfsCUKPcJBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-httpd-modphp
1
x-pingback
https://whereisxur.com/xmlrpc.php
x-proxy-cache
HIT

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
8279b2211a1b3639-FRA
Cache-Control
max-age=172800
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 17 Nov 2023 17:29:26 GMT
Expires
Sun, 19 Nov 2023 17:29:26 GMT
Host-Header
6b7412fb82ca5edfd0917e3957f05d89
Location
https://whereisxur.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqiWW37NZbsKwDGhvIzGnQTjIs00ESX9eSAfF4n87hnDRnOorzDIfvmG3IlclEOUojfy2hj74eu4omZuMbSlYifX25OjffSF3hs05C5HHKVJDsC5a1slsBMomJsn8%2FL9wWHKsF7erUl8iKSfQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Proxy-Cache
MISS
X-Proxy-Cache-Info
0301 NC:000000 UP:
alt-svc
h3=":443"; ma=86400
fontawesome-all.min.css
whereisxur.com/wp-content/plugins/wp-font-awesome/font-awesome/css/
87 KB
18 KB
Stylesheet
General
Full URL
https://whereisxur.com/wp-content/plugins/wp-font-awesome/font-awesome/css/fontawesome-all.min.css?ver=1.7.9
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6f52d91f1f01039d2816b5482b9ba15d85f3a13a8f6ddac4b0bd71ccb82e3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
725192
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 18:08:44 GMT
server
cloudflare
etag
W/"6410b82c-15c48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5wsXqMKpi%2F0xVykWqko%2Fi9NuqZ6noRZYHcK5QlbtuHnL2Wtl4P9FQ%2F2jcs%2FXSUWfx5RJH%2FZu9dte4nBxaDBVyE5r34rTUCBQNTqIBOqYUV6XMwV08ao87YBJcK8X2bBmpNWBg99k2bXjQflZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
8279b226fbba9b3a-FRA
expires
Fri, 08 Nov 2024 08:02:54 GMT
v4-shims.min.css
whereisxur.com/wp-content/plugins/wp-font-awesome/font-awesome/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://whereisxur.com/wp-content/plugins/wp-font-awesome/font-awesome/css/v4-shims.min.css?ver=1.7.9
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ce92ae5a6ba589284b67c485c4446101d80cf8feb81a41c20a3a5f730876a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
569741
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 18:08:44 GMT
server
cloudflare
etag
W/"6410b82c-667b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2%2FqMp7aqNzh%2BTESzC0JoNNeZrIau%2BOtuVeq2F%2FXmMPUbeq0BWeDqU2xeojCYfw%2BE1knNYw9jFFGcwUYnYmavR2Dy%2B2FfBiVmG3HwyQjSPfqhO6V%2FaMCv6WmGcnh%2Bs1usC9exe0mPmUtNJG0CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
8279b226fbbd9b3a-FRA
expires
Sun, 10 Nov 2024 03:13:45 GMT
css
fonts.googleapis.com/
29 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c9cc8e33a15d6f739e16ec44ae2cd8907a4ec6201386bf9cca6a85a53103168
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 17:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:50:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 17:29:26 GMT
js
www.googletagmanager.com/gtag/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-55935606-1
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77938940883693220ab6a45e26932c323c229eb0463914ca898befe107b79e38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64644
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 17:29:27 GMT
app.js
kumo.network-n.com/dist/
22 KB
8 KB
Script
General
Full URL
https://kumo.network-n.com/dist/app.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
3b67b2cd4f7a35f68b510e5d102959fca64700d7917ffb419584d1d753211070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:14
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-58ae"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
036ea2d6a60d3fad3b51ad6c1303c902
cdn-requestcountrycode
DE
cdn-status
200
expires
Sun, 03 Dec 2023 15:04:14 GMT
8b05987ac8.js
kit.fontawesome.com/
11 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/8b05987ac8.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81e6056e68a328a8a38c71ab6ffd056ec91cdebc5a79f3c8e80f3e7607acf2f

Request headers

Referer
https://whereisxur.com/
Origin
https://whereisxur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8279b227ee50bbd1-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F5PDzyFHg_D6hbOPo0mC
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e071087dcd637ea37eb24baf5f527f1a1d9285b713feeafe2c923d43c19a385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52759
x-xss-protection
0
server
cafe
etag
11733759138332694355
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:29:27 GMT
et-divi-customizer-global.min.css
whereisxur.com/wp-content/et-cache/global/
6 KB
2 KB
Stylesheet
General
Full URL
https://whereisxur.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1698779352
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11add6845f9e5cdc8b592821cb0d3b0fe0d90f5c64bc48bca819789be124f506

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215528
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 19:09:12 GMT
server
cloudflare
etag
W/"654150d8-1600"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCcEk%2BN27Vj6CxOXfgMnFHjgbwfGJtULAKkCxz4813ixImAFyRmtRuIkyThfrPqWYKNo9ECkFb0f4VTfN5ysE6hIVq69BolLdzFogjUUqvjGA8bCgxyfY%2FrQtVi5U7zu0mx9j3B%2Fb9kCJPa5WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
8279b227bc829b3a-FRA
expires
Thu, 14 Nov 2024 05:37:18 GMT
pixel-logo.png
whereisxur.com/wp-content/uploads/2015/10/
95 B
477 B
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2015/10/pixel-logo.png
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba78444bfbd7c20f571088bc949f4d6f0fc0a30dcc92e42bccc821c3216abbef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1420836
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
95
last-modified
Wed, 02 Aug 2017 03:17:22 GMT
server
cloudflare
etag
"59814442-5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVrbpR9CirT5RgtdPfk0ETrlPCL101UWijYVLAZTLBuceD4FCNMfKd4A%2FztIxBCTlZ81bPlzxYGEtjDx%2B6W5pC5VMBg%2B7B3QEHVB9%2FnvujuuGr71mpUtjeQaBEplvxAyvpiFIzUuzxdrxUP2sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22a3f139b3a-FRA
expires
Thu, 31 Oct 2024 06:48:51 GMT
whereisxurlogo-long-300x40.png
whereisxur.com/wp-content/uploads/2019/12/
4 KB
4 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2019/12/whereisxurlogo-long-300x40.png
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01dc0167f9498589840e7f27ec0e1bf4fafe22932d88cf4b5cbecf1e3cccad4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
368533
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
4064
last-modified
Mon, 02 Dec 2019 18:20:30 GMT
server
cloudflare
etag
"5de555ee-fe0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BZpkpNc1qa9OdzPwU29S2Z4YdZ978qQ8gK4Rog6%2FEquQWmLhkOeS5TpzwREdroCK1ZY8FEFzMvbVE0XDZCgi%2Fa87AUm2YqyrUptF24GEW5iMgspLK0CQYV0BbL0gm9MTaWRAqlFeweXUtEnXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b227bc869b3a-FRA
expires
Tue, 12 Nov 2024 11:07:14 GMT
v1.js
embed.twitch.tv/embed/
26 KB
8 KB
Script
General
Full URL
https://embed.twitch.tv/embed/v1.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ec75992b2219fffefcfe8ba6094466dc3aa5d410cba0a71da2052123448de0ec
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 17:29:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300
Via
1.1 varnish
Age
1
X-Cache
HIT
Connection
keep-alive
Content-Length
7927
X-XSS-Protection
1; mode=block
X-Served-By
cache-fra-eddf8230125-FRA
Server
Kestrel
X-Timer
S1700242167.049865,VS0,VE2
ETag
"0fb183be3df7fa7c02057975d6df8204"
Vary
Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
Content-Type
application/x-javascript
Release-Type
release
Accept-Ranges
bytes
X-Cache-Hits
1
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
747dca702ebf4e0af93d9f328eb715bdfe8b46c4dde12f85801bf9efb6b69711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 17 Nov 2023 17:29:27 GMT
The-Colony.jpg
whereisxur.com/wp-content/uploads/2022/03/
3 KB
4 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2022/03/The-Colony.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6304c605cc4c39f494c40a8179460059bd551e2c460f659fd8ebf27346d64e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
877
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
3253
last-modified
Fri, 18 Mar 2022 17:06:49 GMT
server
cloudflare
etag
"6234bc29-cb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMUcVYsWLpPuy4mxTlLYJhoyarsC%2F8Glim0vMPS3%2F6QiKO3pHUVZ90TxZVNO0Wxm8z1tqNkUoHEpwmWLDNw24cSXZ6HqJytKvjvK0HjzW%2B9cAVQ8TbCg1lY1QmQ9eIGa0No5YApjuSbTxhop%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22a5f339b3a-FRA
expires
Sat, 16 Nov 2024 17:14:50 GMT
hawkmoon.jpg
whereisxur.com/wp-content/uploads/2022/02/
3 KB
3 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2022/02/hawkmoon.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3ba1943f097c3217100e559109007fed340998a2fb15e77fe6f9164171eb98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
298054
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
3111
last-modified
Fri, 25 Feb 2022 17:31:13 GMT
server
cloudflare
etag
"62191261-c27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mVXM4uV1QG6%2BUV9GdL9lVswVKWyjsivoXP%2BFTI%2BHv2Xq8OruzT8OD3aKFi6DnpaR%2BqYtz9YO0hJ3BN5raJiKugQJui89BnbGerD2el3h6hdiz0NnQLZy5ud3r0zWqQcV6a568QU%2BaZRS%2B2W4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22a6f529b3a-FRA
expires
Wed, 13 Nov 2024 06:41:53 GMT
St0mp-EE5-stompees.jpg
whereisxur.com/wp-content/uploads/2021/10/
3 KB
3 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2021/10/St0mp-EE5-stompees.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb402c6d8defe14a3f6e4d58396081b435b2edafbd24cfa5738b9092668b4780

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
877
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
2667
last-modified
Fri, 15 Oct 2021 17:16:29 GMT
server
cloudflare
etag
"6169b76d-a6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E14Gd9qpu7nUUBoBapig4v7qoLdIwC%2FsNbFanGVgLwSc0SNqMvbZ1tE3mPtF4DO764eU3kimZbLs0lNHLDRWqtoBxjSvI%2FkqlOGrrjB4oAxWVw3OVWlYGCvcgUZlzIiuARTxnpSnkZTMs9cR7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22a8f769b3a-FRA
expires
Sat, 16 Nov 2024 17:14:50 GMT
conversion.js
www.googleadservices.com/pagead/
50 KB
19 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18823
x-xss-protection
0
server
cafe
etag
4145344891725561964
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:29:27 GMT
css
fonts.googleapis.com/
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese&display=swap
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 17:29:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 17:29:27 GMT
jquery.min.js
whereisxur.com/wp-includes/js/jquery/
85 KB
31 KB
Script
General
Full URL
https://whereisxur.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
632983
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 15:58:58 GMT
server
cloudflare
etag
W/"650873c2-155ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiWcZbfP3OsujAeii3p6fdXSCmvmbGOd9%2BVxqHOFXwlUpD4vd%2BlxHXnM%2BhpOYQFdZxkzhzj%2BdV2Prb0KZHn3l9LwtkS%2BhA03MBn5RYyzaUW3ZEN435q2cnjZyafKxjXAIbC1%2Fbv9icgqSjDVUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8279b2287d3c9b3a-FRA
expires
Sat, 09 Nov 2024 09:39:44 GMT
jquery-migrate.min.js
whereisxur.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://whereisxur.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
295673
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 15:58:58 GMT
server
cloudflare
etag
W/"650873c2-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtCIngSRBB0%2FJaUAT2KoDtli5nYLVOOSXFBki3iFdpdIUo350b6h2DinXd1CGtbiuWKaCCdW2JXthTr0DiKXfV4FlHsLko%2BA0AiyKffSwq%2FfgLsgQJuyggUDZkNt7Ab0wWrU0vmS1iFvi1ejVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8279b228ad6b9b3a-FRA
expires
Wed, 13 Nov 2024 07:21:34 GMT
scripts.min.js
whereisxur.com/wp-content/themes/Divi/js/
268 KB
60 KB
Script
General
Full URL
https://whereisxur.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.23.0
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033a80c98752135ba755fa9b3733169b45c7a56f4bf60b619228ed990258dc81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
206614
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 19:05:29 GMT
server
cloudflare
etag
W/"65414ff9-42f83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BnnJDOnGfpPZC31tuK7D7WS4PKU4DLf7c06Z6ePrBeUSfEau6ZCTfk7zpYfdbvb7jFle4Z6d%2FNiN%2Bg1PKt7QpXqc2%2FHEv1sjVf2nksNtmhf3ffmg2SuSbMbdNhRai%2FdnEGCv%2B5ZH1a3zdTdCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8279b228eda19b3a-FRA
expires
Thu, 14 Nov 2024 08:05:53 GMT
jquery.fitvids.js
whereisxur.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
3 KB
2 KB
Script
General
Full URL
https://whereisxur.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.23
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
804004
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 19:05:29 GMT
server
cloudflare
etag
W/"65414ff9-d15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4Vd0IsgCkdwuwO5CWM%2FeIt%2Baq%2B%2F5LpDxbTF1hUXPTbuErVzHmQZPrJ34wV6NZPE9j5rFSIJusk3R16jBY15BFcIniEqzGeMigXRKMYWkxuFAe%2BvhDHoTaLrVwxL4C175ltHmU4C2ew%2Bj94tvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8279b2292de69b3a-FRA
expires
Thu, 07 Nov 2024 10:09:23 GMT
jquery.mobile.js
whereisxur.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
8 KB
3 KB
Script
General
Full URL
https://whereisxur.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.23
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
557054
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 19:05:29 GMT
server
cloudflare
etag
W/"65414ff9-1f18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ454iQ8UbYAziQCFOkryaFVKck4WG6Jpme9Y43tmHLgVZMY02UP0BbaJjbzFf2JlbGlYtaRU6J45Px6uJhnW4TtWFmGhZ6LaOGjTwekNdIYPBjR2xjrlXNeU54K%2BVPUS69GX8KqcZ95Y%2B4Muw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8279b2292def9b3a-FRA
expires
Sun, 10 Nov 2024 06:45:13 GMT
common.js
whereisxur.com/wp-content/themes/Divi/core/admin/js/
1 KB
891 B
Script
General
Full URL
https://whereisxur.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.23
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
298054
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 19:05:29 GMT
server
cloudflare
etag
W/"65414ff9-53f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tD3qty%2B%2FaA9XuTTh19PCFez9Wv0hxGs950N3CdlgaLy232xGM9dlQXBNX4clszftN7NbM9ke2UWUDujPfh5aJb6WdEY23C2HYYzsCiG9tki%2FkWhhm9X7vf8Tc%2FkBsQ8nbW%2FIy9gXP5KxD4IZZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8279b2294e0a9b3a-FRA
expires
Wed, 13 Nov 2024 06:41:53 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55935606-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 15:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5986
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 17 Nov 2023 17:49:41 GMT
js
www.googletagmanager.com/gtag/
220 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-MQP3J3C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55935606-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7e2cd4e212db2d31a8e64398f9711eccf07af9fd88607d84d744ec43b9eae52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80011
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 17:29:27 GMT
where-is-xur.json
kumo.network-n.com/configs/sites/
8 KB
2 KB
Fetch
General
Full URL
https://kumo.network-n.com/configs/sites/where-is-xur.json
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
c1aed5a8fbb9970fdbfdcff15a5bd5db90910235764c6824bd387a3cd09a88b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
11/15/2023 09:52:08
cdn-pullzone
411106
last-modified
Wed, 15 Nov 2023 09:34:21 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6554909d-2115"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, Cdn-Requestcountrycode
cache-control
public, max-age=3600
cdn-requestid
d75705b28f067fed517f3992f9044285
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
cmp-sourcepoint.js
kumo.network-n.com/dist/1.36.0/
25 KB
8 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/cmp-sourcepoint.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
0a4479bc2768da26b2a34cf25cc29bfdbf947c2fa8a82c881d6331ba65a6d361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-638f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
63ccab7d78744a1ffe796b62b422d4f2
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
blockthrough.js
kumo.network-n.com/dist/1.36.0/
2 KB
1 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/blockthrough.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
842fea842197879ad5afa91048cc2986038f1d873b69691231b45d40e7ddf864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/03/2023 15:04:15
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-96e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
ac37a10087c71199b9bccc2ea6a76eab
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:15 GMT
comscore.js
kumo.network-n.com/dist/1.36.0/
3 KB
2 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/comscore.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
e9c0e37a2af5a201890dee5fa3429d12755f1048526b20f2f59fd361718995df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/03/2023 15:04:15
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-bb4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
18e52586ecfacdb073ae587759d3adec
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:15 GMT
gpt.js
kumo.network-n.com/dist/1.36.0/
10 KB
4 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/gpt.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
6e4d7d25742817a70b4db6f3aeda1d727fa7e64738112076a5f75d4e193dcfe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:15
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-27f2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
443c41dd2c7547d7c924279ce7da882a
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:15 GMT
permutive.js
kumo.network-n.com/dist/1.36.0/
5 KB
3 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/permutive.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
0bf857ceb0a81b5e35e40a43ec572458fac3281c2f42c91ed2cfb18b23e64f6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
11/03/2023 15:04:15
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-13e1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
eeec1b9aa3e98cdc0322bbacc7d3f038
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:15 GMT
amazon.js
kumo.network-n.com/dist/1.36.0/
3 KB
2 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/amazon.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
6c9f8ee6660db249d75b8c495f370f375851c50fcd938ea260856e0891b352cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-d24"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
a6d1b25cab320c1cda2666294e8c5cdc
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
prebid.js
kumo.network-n.com/dist/1.36.0/
34 KB
12 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/prebid.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
5c8a8963ae0ddc49ff2e7381b16505bf9a2e14b2fd5ad4e2871ad245fdd164fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
11/03/2023 15:04:15
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-88c3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
c7a71b265741be6b8fb40cfde27d7b35
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:15 GMT
pubstack.js
kumo.network-n.com/dist/1.36.0/
20 KB
7 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/pubstack.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
0636804e060508c39f5a548f46ffb1dbf0675f5b6de3b9e2c934f305d0240e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-4ee8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
ce7e788196e2b50421e692f005aac98e
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
analytics.js
kumo.network-n.com/dist/1.36.0/
3 KB
2 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/analytics.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
cadd78ac6f1a0c5c7fbb588e634feb8da47508cc5fd0ac0c3d86a6f007a1ac50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-a15"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
29feb08c77d5715029c85fcc1adba002
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
moat-yield-display.js
kumo.network-n.com/dist/1.36.0/
3 KB
2 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/moat-yield-display.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
fc1729886b9e86ac1b2b4b3ea679fbd404a51abf1ad076f185364c18a4327ed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-c21"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
7cefb79d0430addd411df2e4212e1917
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
celtra-bfab.js
kumo.network-n.com/dist/1.36.0/
9 KB
4 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/celtra-bfab.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
a4620d20bb154a490bb56f175a57db90f20bbee250a085a712b3bbe909e3c718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-23e0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
453a53a0e5fb2a540f680652bd0d9239
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
gpt-positions.js
kumo.network-n.com/dist/1.36.0/
10 KB
5 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/gpt-positions.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
de6be61fa50f184060d0d5585c8b9b7ac9738c8e37ae2bf95bff5cd6e581b57f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-2923"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
90bb41871a8b026556aa62f628666b42
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
primis.js
kumo.network-n.com/dist/1.36.0/
10 KB
5 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/primis.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
f8d79daad8f133b66cd3d02efd2097bf1e2a881312537ce64615949c656a0225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:15
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-2767"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
48b3f290c29bdc30e94ebad8de8181a0
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:15 GMT
quantcast.js
kumo.network-n.com/dist/1.36.0/
3 KB
2 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/quantcast.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
6ad2d561a359ada702db1548204dc824684f5e87b151142a5c9c9c60c71f8a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-b05"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
43c4d8634d564859cb121574f7fddb7e
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
request-manager.js
kumo.network-n.com/dist/1.36.0/
12 KB
5 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/request-manager.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
0430f1b71c5bac13eaf2c55a02ae179f5f3e5874f0d79b2fc1e3ff5b6492bda5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-2f8c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
64889a7e77c75014f8934c5f99fac5e3
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
refresh.js
kumo.network-n.com/dist/1.36.0/
30 KB
10 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/refresh.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
3a25ea9d08a5f19bebc8228738c08767cea89bb448eeeae4d437304d5df317d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:14
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-7675"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
b41fc75c5121eae0163c41c6010557fb
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:14 GMT
captify.js
kumo.network-n.com/dist/1.36.0/
25 KB
8 KB
Script
General
Full URL
https://kumo.network-n.com/dist/1.36.0/captify.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
130f1aaefc5a2b1e08181916968b05d02980dcad68159842763767f7c1759e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 10:12:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"653f8184-6466"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=31536000
cdn-requestid
07d113a28e649b00445025da9795f6cd
cdn-requestcountrycode
DE
cdn-status
200
expires
Sat, 02 Nov 2024 15:04:13 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=8b05987ac8
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8b05987ac8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
804294
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvRHYkeH%2FuZDzn%2FMVxBCNPo8TDk%2FzEIB75NGcriFOSczm%2FJ9uZbIAuWop5RBlnjsG7bxRnoKDpxtmRyUkqok4lEFLY29oWObyhmBsg2%2B4Z66nQVOGHg59aGw1WEXhTjw9WMWM9BFyD4xsP5b4m%2FuIhXUEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8279b22acc0f5d84-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
BhrDgxhITU0fGHEa9oHtoL-sYmR7HJ8vzTskkJb1eNYRsr4sQxI0wg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=8b05987ac8
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8b05987ac8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
296607
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhFK4INXwn5MV3BE8eP0C35GGEThaPSgaczWQDCg799%2Bgc1nQZqjvXbE8XAyp5bDV7C7PL6ESSzyJla9RUDkcsXxN74%2B33zYTosaExgRZ0k1Hzt5soLwqixITnzUpW%2BQ8zyNEz86Ht8GtJe%2BZQJliGFAgA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8279b22acc105d84-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
-gAHmNeMvfw_ztmhoFE78rn8LZd_y5DpGtMoNXs3Vn8bntMzS63MsQ==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
2 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=8b05987ac8
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8b05987ac8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
1507495
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRv42%2BFVR56yBa1LZS0f45wDOGIQ53JNsWWYN8WN1d4TDnYIwvReGB1OUXaqH9sDJ1suSz8nuZpmlg03j44uZCv8AMu4fieWF2pP6pVbDK8ejUyzr5zrSSTr7ormkGli1RIPm8f8AP9X8y%2BaiInxwjcB3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8279b22acc0d5d84-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
_Kakzaqf7QFfPks4P57xP-ZbqZsOE2otESqz30kwO3igs8w_DyK4wA==
/
embed.twitch.tv/ Frame 46E6
110 KB
41 KB
Document
General
Full URL
https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/embed/v1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b23f7d60bf3ab4e2017801779f13189a3035d2bb6e101795c71e49da221f53ea
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://whereisxur.com
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors https://whereisxur.com
Content-Type
text/html
Date
Fri, 17 Nov 2023 17:29:27 GMT
Release-Type
release
Server
Kestrel
Strict-Transport-Security
max-age=300
Vary
Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Content-Type-Options
nosniff
X-Served-By
cache-fra-eddf8230125-FRA
X-Timer
S1700242167.472339,VS0,VE7
X-XSS-Protection
1; mode=block
transfer-encoding
chunked
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://whereisxur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:29:28 GMT
x-content-type-options
nosniff
age
10799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:29:28 GMT
modules.woff
whereisxur.com/wp-content/themes/Divi/core/admin/fonts/modules/base/
6 KB
6 KB
Font
General
Full URL
https://whereisxur.com/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef71c937db7d4381cd982493ff9728723d27dd44282cc5adef9e16bc7025ad26

Request headers

Referer
https://whereisxur.com/
Origin
https://whereisxur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
307054
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
6152
last-modified
Tue, 31 Oct 2023 19:05:29 GMT
server
cloudflare
etag
"65414ff9-1808"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1breLV0IZAAqGo2Akcjabhh6jVOyG7wXZ53pujAL8w6I3IUOX%2BNfZlwiPUPqvaebyq7gnrbUCsyQWjzZLkpWzagKRRC1gjZm%2BRYdyzU9oeHUr%2Fxid2ahG1WdhyDNxtQxhGE4jFRZakHeeyTuUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22acfbe9b3a-FRA
expires
Wed, 13 Nov 2024 04:11:53 GMT
fa-brands-400.woff2
whereisxur.com/wp-content/plugins/wp-font-awesome/font-awesome/fonts/
102 KB
103 KB
Font
General
Full URL
https://whereisxur.com/wp-content/plugins/wp-font-awesome/font-awesome/fonts/fa-brands-400.woff2
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/wp-content/plugins/wp-font-awesome/font-awesome/css/fontawesome-all.min.css?ver=1.7.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bc44694c394921d1f00271128a2e4cd8293516216e24eac07a73fa821fc1f5

Request headers

Referer
https://whereisxur.com/wp-content/plugins/wp-font-awesome/font-awesome/css/fontawesome-all.min.css?ver=1.7.9
Origin
https://whereisxur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
822005
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
104544
last-modified
Tue, 14 Mar 2023 18:08:44 GMT
server
cloudflare
etag
"6410b82c-19860"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TP6OASAco5TBwsy7Nq%2BAZRTVcl3FCmO3YNaPHWwoBIHjretfcrr21teuUGqB0iRuu4Pw6z9DYw%2F8fVztMkL83QeIz%2BygXQMg8oXPO0q8RJcX%2FFJ6MDGYKnhDEf5JnRqhWUkvr1uaLCq9BOHWow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22acfc09b3a-FRA
expires
Thu, 07 Nov 2024 05:09:22 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6214977830614794&plah=whereisxur.com&bust=31079757
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad6aee54fd20e0831ce92fd75a4df84e6ef125ab27846d2d2daf93cc242b1b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137279
x-xss-protection
0
server
cafe
etag
16721631052544784779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:29:27 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 9432
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 09:25:13 GMT
etag
16674218716276178799
expires
Fri, 01 Dec 2023 09:25:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
www-widgetapi.js
www.youtube.com/s/player/190c935f/www-widgetapi.vflset/
215 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb12f1b9b6d3171f23ada2b0c61fc393ea0dd63a2fe558efc7530f1565cf53e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:07:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
1293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68234
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Nov 2024 17:07:54 GMT
videoseries
www.youtube.com/embed/ Frame D223
230 KB
0
Document
General
Full URL
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 17:29:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
be.js
tracker.metricool.com/app/resources/
379 B
555 B
Script
General
Full URL
https://tracker.metricool.com/app/resources/be.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:119f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 15:01:12 GMT
server
cloudflare
age
101907
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
cf-ray
8279b22b8dab5b68-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 Nov 2023 17:29:27 GMT
quant.js
secure.quantserve.com/
21 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 24 Nov 2023 17:29:27 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/881612209/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881612209/?random=1700242167556&cv=9&fst=1700242167556&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwhereisxur.com%2F&tiba=Where%20is%20Xur%3F%20Find%20Him%20here%20and%20See%20What%20He%27s%20Selling&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9a97383215e432e8c3557e15f2efc90c59141c1ebbf015a98cebd1c8f6d3cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1344
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
everywhere-main-6c4b990a05bbab0e5a5e.css
static.twitchcdn.net/assets/ Frame 46E6
105 KB
15 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/everywhere-main-6c4b990a05bbab0e5a5e.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
00749eff5f11fd9eaa37764812e679a75676baaf200a7c4e0622eceddf020cba

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 17:29:22 GMT
Content-Encoding
gzip
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
1296005
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
156414249
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 01 Nov 2023 19:31:00 GMT
X-Vicarius-Hits
-1
ETag
W/"ad2505e6edc19b4f1b67f18f7d248fd3"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
qDoPEn5xLnSBDY6soMqjNtySNxadoOIZNv_sg99cXFxYX4zX66Y0Jw==
settings.3369de162a13fd0898ec1da41484791a.js
static.twitchcdn.net/config/ Frame 46E6
133 KB
41 KB
Script
General
Full URL
https://static.twitchcdn.net/config/settings.3369de162a13fd0898ec1da41484791a.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f8db6324c6ba366a80588c43aba01cb9eea37b6ac062d1b6d968130ddacebacf

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 01:19:56 GMT
Content-Encoding
gzip
Via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
58171
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
170480891
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 17 Nov 2023 01:19:49 GMT
X-Vicarius-Hits
-1
ETag
W/"3369de162a13fd0898ec1da41484791a"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
33uNKjAasQJabG-n-rErs8oxPmAgbEu_lxDQudG_eYy-ciwd47lc7g==
vendor-ecdc2e4b1b23d7e6b165.js
static.twitchcdn.net/assets/ Frame 46E6
1 MB
378 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/vendor-ecdc2e4b1b23d7e6b165.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4c047185e6e4370e7aefa93df87710007d0ac33ddf9c2e555d498e757695b63c

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 18:29:22 GMT
Content-Encoding
gzip
Via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
169205
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
169898725
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 14 Nov 2023 23:59:47 GMT
X-Vicarius-Hits
-1
ETag
W/"669ff2fc104c857296c7315bdd004f6f"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
y0BsZn1IJlPPfS7eY4ESNGRYBFz8YoC4R-Tmin-EItWrE3E-sI5h9g==
polyfills-da10d6c591979de7f337.js
static.twitchcdn.net/assets/ Frame 46E6
47 KB
17 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/polyfills-da10d6c591979de7f337.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
54d76f1c75eab61bebf210d30b5db9de1fade64d515d1704b86a615ecc3a11e6

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 21:02:02 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
160045
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
169996972
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 15 Nov 2023 20:55:10 GMT
X-Vicarius-Hits
-1
ETag
W/"dde564e63d821dcb61e4f74942a67942"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
oRQCngkLsyXfGc9I7v21j5ATmmewVwpsl3hFauozvlKU-wU1Gx-K2Q==
everywhere-main-2194ca3558c6e1a92736.js
static.twitchcdn.net/assets/ Frame 46E6
2 MB
537 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/everywhere-main-2194ca3558c6e1a92736.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
039fc7e3b782431bb91057f13cdfd0ae7f8a9f87af64ce15e3a5736f117525d3

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:20 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82807
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171152478
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 02:31:20 GMT
X-Vicarius-Hits
-1
ETag
W/"33b69e0ba1874fd90e117def17496d36"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
XTlNSjE7xYzvT7eu07Zdtq7gGHZ2K1nV0CAqqjLSkvPXBzIy4sUI1A==
B1gMwejYlJw
www.youtube.com/embed/ Frame A05B
0
0

Wormgod-Caress.jpg
whereisxur.com/wp-content/uploads/2021/09/
3 KB
4 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2021/09/Wormgod-Caress.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff305ddc5f06665ba6ec74a3ce196188b721988fdc85c70fa7a9bbcc489741a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
873
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
3478
last-modified
Fri, 24 Sep 2021 17:10:35 GMT
server
cloudflare
etag
"614e068b-d96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmq1l%2FJzYc1VfytY13SMpvWlpczwYnMoncS50mlgl5LECCmC4mXat02w2pBJHP1Fu0jWYS%2BMW7lqIRvLoynp0bYnoiw1KzfKGCYvEZB%2BMtJefuq8lHgBmcK5qyIbtdUQeJU7dU7o%2Fl7vllba9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22b88879b3a-FRA
expires
Sat, 16 Nov 2024 17:14:54 GMT
Felwinters-Helm.jpg
whereisxur.com/wp-content/uploads/2022/05/
3 KB
3 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2022/05/Felwinters-Helm.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35ef8312f063024fa009c1afd20ef499cee4415653f2d9f0ea3ecb9d646faa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
873
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
2900
last-modified
Fri, 06 May 2022 17:07:23 GMT
server
cloudflare
etag
"627555cb-b54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwe44FQWSAF1hw57SMJCo3riVk7H5zxR2OSgkAOkJXro3y6QqTt%2BE1D2feM0Fub3qaQtl8ou359VEd0Csnicyp%2F4yS43CbjHZpLvxk2YhYnohCzgbP8xRK7OEaigcoemNXQvpd5scJNe7g7%2FBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22b88899b3a-FRA
expires
Sat, 16 Nov 2024 17:14:54 GMT
Destiny-2-Xur-Location-Oct-6-2017-Destiny-2-Where-is-Xur-1062017-LIVESTREAM-Screenshot-2017-10-13-05-01-18.png
whereisxur.com/wp-content/uploads/2014/10/
1 MB
1 MB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2014/10/Destiny-2-Xur-Location-Oct-6-2017-Destiny-2-Where-is-Xur-1062017-LIVESTREAM-Screenshot-2017-10-13-05-01-18.png
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a511b6d2ae9ea020e19a9d9f1f282663e1aad75cbaecaabe1cc315865cb8c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1640
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
1085889
last-modified
Fri, 13 Oct 2017 09:18:14 GMT
server
cloudflare
etag
"59e084d6-1091c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECAQqt1GtAu0NZTIh3bqNJScezUHeROrjpfacCkZN5uCO1U4IEpXVOXgATWJzp6f1RbS9vg0XjQmDw0%2FMg%2Fz7Jd%2BHkE%2FxGiu8dMT0LbzajGqezgtI%2B5bqEnQCMeAVhJ58YnDLfv5Bg8PfOzEXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22b888b9b3a-FRA
expires
Sat, 16 Nov 2024 17:02:07 GMT
watch.png
whereisxur.com/wp-content/uploads/2021/08/
4 KB
5 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2021/08/watch.png
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddbdab409a737ec48914d95b341212f9ff9b7e096f5e098b38e1f1412dbf62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
725188
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
4605
last-modified
Fri, 27 Aug 2021 22:48:28 GMT
server
cloudflare
etag
"61296bbc-11fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0ssLa4j8exAjnwG0U5K0Z8eJk729L%2FGNyi4aORuVRsRsmoT7%2BNatM%2FHADW%2F%2F5ijkHO%2FYi2Iz0%2BxkLpqNn5cvwoWbGfg%2BqGRsDdokV5IfdMY%2BHCQo1OuSbyzHDA9fiVneI8NIDerObBXlSg4PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22b888c9b3a-FRA
expires
Fri, 08 Nov 2024 08:02:59 GMT
Xurstream.jpg
whereisxur.com/wp-content/uploads/2021/08/
213 KB
214 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2021/08/Xurstream.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f38b59cd4668a9dc79245ce92a452b5f6c9fdcd7da8b1d1f3d0a779ad126197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
557054
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
218466
last-modified
Fri, 27 Aug 2021 22:46:34 GMT
server
cloudflare
etag
"61296b4a-35562"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7A958ei%2F9G9rtgR0w7EcK0DZFeypPDCB9oFC%2Fs8KL%2Bhr9lTWc8B11egsN7ySJ82jBMc3ony1XRxth6Oe1NjocfVL5rT8MswY0v5AbaiRf3iflpqJFRMTOvFmg9mCA9hj8%2Fg%2F5GBD1kKvkUu1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22b888d9b3a-FRA
expires
Sun, 10 Nov 2024 06:45:13 GMT
db.jpg
whereisxur.com/wp-content/uploads/2021/08/
112 KB
113 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2021/08/db.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024d40cbd3f7ee352189940e1cdd1a009c84d99c099446da7e48c4567545a0dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
366510
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
115167
last-modified
Fri, 27 Aug 2021 22:47:15 GMT
server
cloudflare
etag
"61296b73-1c1df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OctFJR4xsC51%2BMJhtbvam2PcOvhK%2Bq155J%2FpV2cd3RkxBsorCcF2p0Qo5GupAXYVU8IRt0fTC4zRhBA8Vborp1%2BXSW7go3Zvq7iFuLcQNIBY5UHUigSY7K1zT1pN9MFwwPtcICy70XW0NKwrUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22b888e9b3a-FRA
expires
Tue, 12 Nov 2024 11:40:57 GMT
xoxo.jpg
whereisxur.com/wp-content/uploads/2021/08/
64 KB
65 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2021/08/xoxo.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e5fd4e842e46acf07f4209a1c0f4fd64b5bdf00071f8798af7d7c5dcfcd6d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
451748
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
65961
last-modified
Fri, 27 Aug 2021 22:47:29 GMT
server
cloudflare
etag
"61296b81-101a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRVBT5nmavsHL67S8zvYOK7Bx%2F%2BgMlTsBksNJIFBkNs%2BVooN%2BxwgYZTSZ85m4c3wsjymaNrmikLNF84BGYfCdJNaq2NoX5HHLr5NSOce69lEz8RfDsoAbOIJncL7VVF2h8WeWDqRDzh5KB5hgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22b88909b3a-FRA
expires
Mon, 11 Nov 2024 12:00:19 GMT
March-Drop-gif.gif
whereisxur.com/wp-content/uploads/2021/03/
1 MB
1 MB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2021/03/March-Drop-gif.gif
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82bdfdd7b2f3829be96bc7640732b1e0aa4ff9834c80ec826b5ea6f57842f414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536164
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
1254735
last-modified
Wed, 17 Mar 2021 17:59:27 GMT
server
cloudflare
etag
"6052437f-13254f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BKnOgJ1M6BzAOnI8Bwf82efB9nFMVbcF3Tze2mc308vY0ua173SvS9FHzXMB4%2Fbl1rOkxFUyyQQgGyoXZTsHQw8zRgGQdCMw28Ia05AXCXZzPOvednHtjCnOHaF3U%2F17aj4jPJpYbNDsXjx8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22b88919b3a-FRA
expires
Sun, 10 Nov 2024 12:33:23 GMT
style.min.css
whereisxur.com/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
https://whereisxur.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
368532
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 15:58:59 GMT
server
cloudflare
etag
W/"650873c3-19824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwQtr%2B1wqn8Q%2Bn5mvagJuwzJZ8B8cd8fMH2Hd1a4eqcjCIlm11zatlm5BiIbby%2FjCfnolYt6s%2F%2FJY0QDljlVKDgSVY67WJT64kTKDR%2B8behgz%2FRaIe5GKGScIJP%2B0y1ydHozopLyHULyWXmxEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
8279b22b88929b3a-FRA
expires
Tue, 12 Nov 2024 11:07:15 GMT
prebid.php
kumo.network-n.com/
379 KB
122 KB
Script
General
Full URL
https://kumo.network-n.com/prebid.php?v=7.54.4&adapters=triplelift,adagio,sovrn,appnexus,openx,ix,criteo,rise,medianet&with-exact-module=permutiveRtdProvider
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.36.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
736af9aa03ac1629c0fb6decd3e7c256e8fc4d19b4e7a92bf85efd8119dd3daf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/03/2023 15:06:01
cdn-pullzone
411106
last-modified
Mon, 30 Oct 2023 09:28:18 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a636866a7c9f9853e684962f098f504e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
x-server
1
cdn-requestid
595a2e50dacdef0bd0a66011a2a6f5f4
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1PBJFTP2CG&gtm=45Pe3b81v895536671&_p=1700242166990&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=98726545.1700242168&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700242167&sct=1&seg=0&dl=https%3A%2F%2Fwhereisxur.com%2F&dt=Where%20is%20Xur%3F%20Find%20Him%20here%20and%20See%20What%20He%27s%20Selling&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1791
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MQP3J3C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1265919703&t=pageview&_s=1&dl=https%3A%2F%2Fwhereisxur.com%2F&ul=en-us&de=UTF-8&dt=Where%20is%20Xur%3F%20Find%20Him%20here%20and%20See%20What%20He%27s%20Selling&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1187052113&gjid=1900747257&cid=98726545.1700242168&tid=UA-55935606-1&_gid=759578592.1700242168&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1089899571
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1265919703&t=pageview&_s=1&dl=https%3A%2F%2Fwhereisxur.com%2F&ul=en-us&de=UTF-8&dt=Where%20is%20Xur%3F%20Find%20Him%20here%20and%20See%20What%20He%27s%20Selling&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1354352027&gjid=1184995470&cid=98726545.1700242168&tid=UA-55935606-1&_gid=759578592.1700242168&_r=1&_slc=1&z=1404735103
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
75 KB
75 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
https://whereisxur.com/
Origin
https://whereisxur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
804294
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sanyo7LXQAIbaKLQWHFfHebncge7xs1Hv9LFT8B32hTitO9PJePK1UXLpSRFrwEltRq6UOFvjiNJAmNbIX7slso0HTXOAhQRm4N5f0MUiLJwoXWY3KpGck%2FBGVrEJUYtz17Xwq0mGhJPJPLKppY7wyPehw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8279b22c4dcd5d84-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
2MelHbP2AanslvbO1XQLFay5cEuYJpE0MDcOnCEoP6LLJ6f85oX3HQ==
nessus-e1507809967609.jpg
whereisxur.com/wp-content/uploads/2014/10/
208 KB
209 KB
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2014/10/nessus-e1507809967609.jpg
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfc4909de4b05f973467e30bb0e9d5c2498a51ddf3ca5eb9ff2428ca0da75b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2590
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
213464
last-modified
Thu, 12 Oct 2017 12:06:12 GMT
server
cloudflare
etag
"59df5ab4-341d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SA284DOmQup72%2BrtPX5CNdNnEp%2BXWeK%2B4ZH4G20sM8XQVdtt2i%2F9y4jbScX75ZKDmOOSHBooBa3ajBxoo%2F547j0zmwSf53TyGeOLi7tSx5gdex30I5xDDf4q1vTDHNzppeocReEXRziZem6tMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b22c89ab9b3a-FRA
expires
Sat, 16 Nov 2024 16:46:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7ad9a7bd110cad2b9d97def78901aa89f75dc1b60d6c4cd9282fb6805c82f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30333
x-xss-protection
0
server
cafe
etag
253 / 19678 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:29:28 GMT
js
www.googletagmanager.com/gtag/
233 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0CPE0JFSCT
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
637e3863e2e41a9bfcf9a480d4a2e4a33568fcfd6aa254eb358926a2279ee375
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83183
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 17:29:27 GMT
moatheader.js
z.moatads.com/networknheader13924283968/
245 KB
86 KB
Script
General
Full URL
https://z.moatads.com/networknheader13924283968/moatheader.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.85.120 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-120.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8cea9f13c4a6baeec72839871a091777b19cc1eb1567cb7947e01b6b3c3e6786

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:16:45 GMT
server
AmazonS3
x-amz-request-id
109Q8BF3JDNXXSRB
etag
"79536ed5b59bc75294eb579ce93a422a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=60278
accept-ranges
bytes
content-length
87383
x-amz-id-2
0aIDudrGaUilPtwleR6LoJdX5R0ixOawOQHZ6pSmJluD6/ayEpQ0Wm/WPpoAEFHPQhMwjVuWHIM=
rules-p-_DUDeArd9HJ8w.js
rules.quantcount.com/
3 B
440 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-_DUDeArd9HJ8w.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:49:14 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
27614
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:43:26 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
hZWSfSZF-1PxW_2CNVFqmO9R87daOpsk10GjfYHzyeqGIaw1GF3DDQ==
www-player.css
www.youtube.com/s/player/190c935f/ Frame D223
0
0

embed.js
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame D223
0
0

www-embed-player.js
www.youtube.com/s/player/190c935f/www-embed-player.vflset/ Frame D223
0
0

base.js
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame D223
0
0

/
www.google.com/pagead/1p-user-list/881612209/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/881612209/?random=1700242167556&cv=9&fst=1700240400000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwhereisxur.com%2F&tiba=Where%20is%20Xur%3F%20Find%20Him%20here%20and%20See%20What%20He%27s%20Selling&fmt=3&is_vtc=1&cid=CAQSGwDICaaNeCaVt_5x9SMfVD-J6n5bbt8QLx5NQg&random=2143226093&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/881612209/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/881612209/?random=1700242167556&cv=9&fst=1700240400000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwhereisxur.com%2F&tiba=Where%20is%20Xur%3F%20Find%20Him%20here%20and%20See%20What%20He%27s%20Selling&fmt=3&is_vtc=1&cid=CAQSGwDICaaNeCaVt_5x9SMfVD-J6n5bbt8QLx5NQg&random=2143226093&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c3po.jpg
tracker.metricool.com/
70 B
233 B
Image
General
Full URL
https://tracker.metricool.com/c3po.jpg?hash=1e367238770c64d37accd9b195d9f08e&u=https%3A%2F%2Fwhereisxur.com%2F&bw=1600&bh=1200
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:119f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 17 Nov 2023 17:29:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8279b22d0ebe5b68-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
videoseries
www.youtube.com/embed/ Frame 77D6
230 KB
48 KB
Document
General
Full URL
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6baac8c6801715fb9caee89e07ac2e982930e28a2dee1cb6dd8dafae20d4de1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 17:29:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
B1gMwejYlJw
www.youtube.com/embed/ Frame 3C27
91 KB
39 KB
Document
General
Full URL
https://www.youtube.com/embed/B1gMwejYlJw
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a208c67f6b1de1a9be7bca71a44e9adf7747f0db213a3a51e5789164d8660a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 17:29:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
p.js
k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 46E6
198 KB
73 KB
Script
General
Full URL
https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Requested by
Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-2194ca3558c6e1a92736.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
445f90ecfab5ded6f51209614d8e66316b70a0afa06b00249a5032ec41262191
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

X-Cache-Hits
139
Date
Fri, 17 Nov 2023 17:29:27 GMT
content-encoding
gzip
Via
1.1 varnish
Strict-Transport-Security
max-age=300
Age
78
X-Cache
HIT
Connection
keep-alive
Content-Length
73674
X-Served-By
cache-fra-eddf8230054-FRA
last-modified
Fri, 17 Nov 2023 16:51:15 GMT
X-Timer
S1700242168.957972,VS0,VE0
etag
45225153d0eb4384699358287c7c6a6873670648-vyGp6PvFo4RvsFtPoIWeCReyIC8=-mc5esLFwQxTDfFa4NRve8AwpqZU=
Vary
Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
Cache-Control
public, max-age=120, stale-while-revalidate=120
Accept-Ranges
bytes
X-Robots-Tag
noindex
Expires
Fri, 17 Nov 2023 17:30:10 GMT
player-core-variant-a-6f58ac3e58e53422e545.js
static.twitchcdn.net/assets/ Frame 46E6
122 KB
32 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/player-core-variant-a-6f58ac3e58e53422e545.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
067629b93b9156dcfd0a66c7bfd2453c187244f0ec9cb7bbc96bb7d1f41881cb

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 18:29:25 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
946803
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
160456134
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 03 Nov 2023 17:47:13 GMT
X-Vicarius-Hits
-1
ETag
W/"2c09c685690cd79488a1ec361fd9e006"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
W05yrM1XnFKbGd9RoWEp-JKemG1GH7uMjBiRwqwZbARVIKTvz-JmlQ==
features.chat.components.stream-chat-918fec154173cda66344.css
static.twitchcdn.net/assets/ Frame 46E6
62 KB
11 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.stream-chat-918fec154173cda66344.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd3a14351063c7733c4463cf2a918b348c6320efd21490aa36ced67e3e7692a8

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 18:31:48 GMT
Content-Encoding
gzip
Via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
341860
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
167728167
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 09 Nov 2023 20:19:15 GMT
X-Vicarius-Hits
-1
ETag
W/"58887004cf5f254a1195201d0cf9357d"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
2aFyQXgtz17sSC8nb85pzlBdr-fyyCEvrB05bQf1fte5rthWdWjVdQ==
features.chat.components.stream-chat-ca90d71df23445c35783.js
static.twitchcdn.net/assets/ Frame 46E6
2 MB
347 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.stream-chat-ca90d71df23445c35783.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c473f62dbe573ab62084740ce339718b94f16e5e2b8fefbc1a5d14a260e5ef54

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:28 GMT
Content-Encoding
gzip
Via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82800
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171135449
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 02:31:27 GMT
X-Vicarius-Hits
-1
ETag
W/"7bd9874472f73f80abf10774ebe72d6c"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
3Sx4gi19EfpmDnlG3MjZkdQP7VMFxem-7J2CH-oRQ4svBtbit4TkBg==
v6s.js
d2v02itv0y9u9t.cloudfront.net/dist/1.1.6/ Frame 46E6
267 KB
76 KB
Script
General
Full URL
https://d2v02itv0y9u9t.cloudfront.net/dist/1.1.6/v6s.js
Requested by
Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-2194ca3558c6e1a92736.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1600:2:5624:e040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4753e0e2fc769d14cd90048716a76fc8607a8a4adc089d2606306a38d477fc9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:45:50 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 12:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
17020
x-amz-server-side-encryption
AES256
etag
W/"b54c4c53ea23acd68a3a75068320c4cc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9hBuIdPBZW1h11mafS_Z7FczJ8f25ULJ9MTQtWcyiEU9jBVW-WDiag==
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-55935606-1&cid=98726545.1700242168&jid=1187052113&gjid=1900747257&_gid=759578592.1700242168&_u=YCDACUAABAAAACAAI~&z=1278782199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 17 Nov 2023 17:29:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
345 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-55935606-1&cid=98726545.1700242168&jid=1354352027&gjid=1184995470&_gid=759578592.1700242168&_u=YCDACUABBAAAACAAI~&z=270342924
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 17 Nov 2023 17:29:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/190c935f/ Frame 3C27
378 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/190c935f/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27def9acb53f27287b73f15b98b424b2227894d98f2a0c238f3e5e3b2843af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/B1gMwejYlJw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48795
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Nov 2024 17:12:30 GMT
embed.js
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 3C27
57 KB
17 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65030c1bb33a7d3b00574b46d56c6fefc6e4430bf4f2b23de425078585c0ec50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/B1gMwejYlJw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 08:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17875
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Nov 2024 08:32:39 GMT
www-embed-player.js
www.youtube.com/s/player/190c935f/www-embed-player.vflset/ Frame 3C27
322 KB
96 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b794c3bb91599f949ed26b4cd85a2a068629b8770aee5be43d6d352f676e13e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/B1gMwejYlJw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 13:05:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
15845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98594
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Nov 2024 13:05:23 GMT
base.js
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 3C27
2 MB
763 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65d9d35ac0df81d0440f783d9ff8a084b17c6aa133228424f468eb240c085a33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/B1gMwejYlJw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 08:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
781301
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Nov 2024 08:32:39 GMT
www-player.css
www.youtube.com/s/player/190c935f/ Frame 77D6
378 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/190c935f/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27def9acb53f27287b73f15b98b424b2227894d98f2a0c238f3e5e3b2843af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48795
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Nov 2024 17:12:30 GMT
embed.js
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 77D6
57 KB
17 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65030c1bb33a7d3b00574b46d56c6fefc6e4430bf4f2b23de425078585c0ec50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 08:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17875
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Nov 2024 08:32:39 GMT
www-embed-player.js
www.youtube.com/s/player/190c935f/www-embed-player.vflset/ Frame 77D6
322 KB
96 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b794c3bb91599f949ed26b4cd85a2a068629b8770aee5be43d6d352f676e13e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 13:05:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
15845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98594
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Nov 2024 13:05:23 GMT
base.js
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 77D6
2 MB
763 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65d9d35ac0df81d0440f783d9ff8a084b17c6aa133228424f468eb240c085a33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 08:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
781301
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Nov 2024 08:32:39 GMT
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/
123 KB
36 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.36.0/cmp-sourcepoint.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:14 GMT
content-encoding
br
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:08:07 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
1230
x-amz-server-side-encryption
AES256
etag
W/"74fa9eeecc0f7ce308ddca60b7ef2b93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
PEX9-bwGUe1U80xkYcQjT7HqYv1AvM_SpkZN_vLafVkKFLj3EAqxjw==
tag
btloader.com/
65 KB
22 KB
Script
General
Full URL
https://btloader.com/tag?o=5684350990417920&upapi=true
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3480ea251099b54f6e350fb647664b3f76835e5592be54cf79a2a7e5250d9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:28 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 17:10:08 GMT
server
cloudflare
age
966
etag
"e77883027c22797b2c9b466b00a6fef2"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8279b230ad664db0-FRA
content-length
22340
00917082-71e9-498e-8343-00c3df06b798-web.js
00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/
1 MB
246 KB
Script
General
Full URL
https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7116af1188bf714fb6816a5cd9b5340b7b6183ea9a54ce24fc067bbfc6e4694d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:28 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
00917082-71e9-498e-8343-00c3df06b798
age
0
x-guploader-uploadid
ABPtcPqGrKHPVGoStIpSK0pO7q5WtgA9a32Yoen9LbkQU4_Vzha5IJv5jAIMg7NuFfuxOk-dKApRQBaeWCbtfe3TxHBgKg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
251477
last-modified
Thu, 16 Nov 2023 16:01:07 GMT
server
cloudflare
etag
"ce77bb392938c9ec00d62b8e9385f907"
vary
Accept-Encoding
x-goog-generation
1700150467727483
content-type
application/javascript
x-goog-hash
crc32c=h/pitA==, md5=zne7OSk4yewA1iuOk4X5Bw==
cache-control
public, max-age=900
x-goog-stored-content-length
251477
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8279b230be944d94-FRA
expires
Fri, 17 Nov 2023 17:44:28 GMT
apstag.js
c.amazon-adsystem.com/aax2/
267 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.36.0/amazon.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:34:38 GMT
content-encoding
gzip
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
3291
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
B_o8gCVvstYmroJbfhWs8OKlAKiyJFrldu-GuZZQGc9z4O6x4GDJbA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231117
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=7.54.4&adapters=triplelift,adagio,sovrn,appnexus,openx,ix,criteo,rise,medianet&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df58cee20a9a69513c308801405c294e57e222ddfef71dedaf9a99da600ee43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5319
x-jsd-version
1.0.1877
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"641-1YKVPSNSxEtps6XrkJSRmQ2Gkf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUI%2FthWVH3%2BRk3%2BDGhwcspq3usARPS0epA%2Fx4I7xneKkkhwQ2FqKrpimGns4PvIYqhsNXuDfI00jG2ajrvYIz8K7Misp%2FdYEZd2E80wzZfjS70H0PoXN9tl7hFxOHLgO7bPzno0UHDQLGrQWJpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8279b230aa0a9165-FRA
3f98e63f-340e-4352-bf25-3863d5c8a411
boot.pbstck.com/v1/tag/
1 KB
860 B
Script
General
Full URL
https://boot.pbstck.com/v1/tag/3f98e63f-340e-4352-bf25-3863d5c8a411
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.36.0/pubstack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04da2b02d79822b844ac45cbf6db26f41672104b2dfdbcc6560e26d7ce2ebee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
timing-allow-origin
*
cf-ray
8279b230a96665c5-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
233 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0CPE0JFSCT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55935606-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30b37dd46d2a06078a960ee197bc9d77e1cee04fe8a6b295eec19df8d30161e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83164
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 17:29:28 GMT
captify.js
kumo.network-n.com/external-scripts/
310 B
777 B
Script
General
Full URL
https://kumo.network-n.com/external-scripts/captify.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
dbf2c65c424ed53bbcfe6f55731658210a9e6fae208fe1cebf4395ce97f82bee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:28 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/03/2023 15:04:13
cdn-pullzone
411106
last-modified
Tue, 24 Oct 2023 14:37:25 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6537d6a5-136"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
7d31b1616f43321bd781973239bb2497
cdn-requestcountrycode
DE
cdn-status
200
expires
Sun, 03 Dec 2023 15:04:13 GMT
gql
gql.twitch.tv/ Frame 46E6
33 KB
5 KB
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-2194ca3558c6e1a92736.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
433ba056f1b18f5b0fa831ffcded3fa106302f31393a5fcc4df7abba1a4b4654

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:28 GMT
Content-Encoding
br
Connection
keep-alive
transfer-encoding
chunked
Content-Type
application/json
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
585
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C27
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options
nosniff
age
471557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Nov 2024 06:30:11 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C27
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:01:27 GMT
x-content-type-options
nosniff
age
160081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 21:01:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 77D6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options
nosniff
age
471557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Nov 2024 06:30:11 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 77D6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:01:27 GMT
x-content-type-options
nosniff
age
160081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 21:01:27 GMT
fp
gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 481E
582 B
1 KB
Document
General
Full URL
https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
356129ee5a40d1b9e322419c13e2efb7513cdd956c82ed1a0568f7ab331b87ec

Request headers

Referer
https://embed.twitch.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
404
Date
Fri, 17 Nov 2023 17:29:28 GMT
Expires
0
Pragma
no-cache
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
content-encoding
br
content-type
text/html; charset=utf-8
p3p
CP="This site does not specify a policy in the P3P header"
x-kpsdk-ct
01xcxOZV2jJmccJKVhuepnLElrNppa9DbBP0pR3PqoZ4FFTH8ytPY3M2pc02s8ldG9e2CL757ZZE0zF7rFAvPpy0XSCHJnttmz36daDS0AjJTCwKkOWbKRks67GVHElRXnZQJoQjgNsQeDof5clXuVyQ5a
fp
passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 34D3
586 B
2 KB
Document
General
Full URL
https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-78.fra56.r.cloudfront.net
Software
/
Resource Hash
da9b409e17b632f38a7dc2212ac5b8dc924bf1de9f39213d043d35077dadb147

Request headers

Referer
https://embed.twitch.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
405
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Nov 2023 17:29:28 GMT
Expires
0
Pragma
no-cache
Via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
X-Amz-Cf-Id
tkd7fZ-NWbv-zo_nEI0QHr-ychrpGeS8RaKsor7Rb_UdAuSFvb9dCg==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Error from cloudfront
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
content-encoding
br
p3p
CP="This site does not specify a policy in the P3P header"
x-kpsdk-ct
01VxUnMjTiHDMpLrqIbPzE6Y5wNUYnzzCTgY0oyQIXAJrJK3A3GrYzTrVlNuq2b4rsTyAZQNmG3ZvUlaHNdC5FV5GVswLc6r6flG9qz1ssujuzvJF7dfTx9sqTDKgJ3WcpkcKfJv2KAc11qvN1aGbfOF6C
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
29875
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 16 Nov 2024 09:11:33 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0CPE0JFSCT&gtm=45je3b81v9117950818&_p=1700242166990&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&gdid=dZTNiMT&cid=98726545.1700242168&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700242168&sct=1&seg=0&dl=https%3A%2F%2Fwhereisxur.com%2F&dt=Where%20is%20Xur%3F%20Find%20Him%20here%20and%20See%20What%20He%27s%20Selling&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2630
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CPE0JFSCT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
mb.moatads.com/yi/
663 B
842 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-3G8ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-at5aRxmAS248Xw%3D%3D&sc=1&os=1-IQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwhereisxur.com%2F&pcode=networknheader13924283968&rx=926625245735&callback=MoatNadoAllJsonpRequest_44111211
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/networknheader13924283968/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f9e342cb4636775a2235de653172e308ea89266a07801484f3ec1ff40081fcf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
server
istio-envoy
etag
"af0e62ff5f0f26fc19e1eca94c3e9cc8b89e8a93"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
18
timing-allow-origin
*
content-length
663
iframe.html
z.moatads.com/hd09824092/ Frame 8E73
1 KB
2 KB
Document
General
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/networknheader13924283968/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.85.120 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-120.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=884
content-length
1374
content-type
text/html
date
Fri, 17 Nov 2023 17:29:28 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-amz-id-2
XmKNbxIVbCxldfP/6F45tHX/KnNmX+y7HmOtmul9SDdTs7vcLQ4Psn+BcPQjsPU80m3Uge5r6CQ=
x-amz-request-id
AED5DD8BACD1DA13
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 46E6
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/player-core-variant-a-6f58ac3e58e53422e545.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:29:29 GMT
inter-latin-variable-wghtOnly-normal-a05a0d687a088c4efed3.woff2
static.twitchcdn.net/assets/ Frame 46E6
36 KB
37 KB
Font
General
Full URL
https://static.twitchcdn.net/assets/inter-latin-variable-wghtOnly-normal-a05a0d687a088c4efed3.woff2
Requested by
Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-6c4b990a05bbab0e5a5e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac

Request headers

Referer
https://static.twitchcdn.net/assets/everywhere-main-6c4b990a05bbab0e5a5e.css
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 21:03:04 GMT
Via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
6294384
X-Vicarius-Region
fra
X-Vicarius-TransactionID
96016078
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
37056
Last-Modified
Wed, 31 Mar 2021 04:32:27 GMT
X-Vicarius-Hits
-1
ETag
"b212a798db3b717b02ca67e3ca5c0bef"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
3G1JJeHJbToJ5KymcSl166Z4VKx8aPjq5bydAsNX8qwKm4QNuGPjAA==
features.video-player.components.video-ads.stream-display-ad.pushdown.portal-94db3d51ac84ac023273.js
static.twitchcdn.net/assets/ Frame 46E6
3 KB
2 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.video-player.components.video-ads.stream-display-ad.pushdown.portal-94db3d51ac84ac023273.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2bc2af0c3101e9bd9188ef5bd39172af8097016e64ad1086ea03c3b965c8adb2

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 17:29:26 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
5702402
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
102951428
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 11 Sep 2023 21:49:32 GMT
X-Vicarius-Hits
-1
ETag
W/"6cd4b532ee951f45120cc4bad8bbc0f8"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
rq2iaS-nIFcD4geLqfqrTBmrJ0SThaNjPdTclKmNNljSdILrTODkOQ==
features.channel-celebrations.components.celebration-display-0a7bf62ba7b85211028a.css
static.twitchcdn.net/assets/ Frame 46E6
574 B
1 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.channel-celebrations.components.celebration-display-0a7bf62ba7b85211028a.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7fd4409198e6c276d5b4b62f2c3b1e8fc4f06193180b52ab3360fd8bdb87d6e6

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 21:15:06 GMT
Content-Encoding
gzip
Via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
5775262
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
101860133
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 26 Apr 2023 01:20:25 GMT
X-Vicarius-Hits
-1
ETag
W/"86c752f1ee0a4112f7503d0bd1a5a595"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
MtQzzjYKUm04RBRbUWsRKWxNpJ0a3uJYcV8wm2dxy9eOK9K_VLrr0A==
features.channel-celebrations.components.celebration-display-2c5c133016b48847241f.js
static.twitchcdn.net/assets/ Frame 46E6
99 KB
18 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.channel-celebrations.components.celebration-display-2c5c133016b48847241f.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
544ad9fe6ced38792fcb763fff362d510cb42a019c736f70d8dacbb6d6f480c1

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:21 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82807
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171193810
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:04 GMT
X-Vicarius-Hits
-1
ETag
W/"a8c3312856e8dad00e68d15e3e049252"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
ekeOuitQ0puMcTeOPXAPZeLQmf3_uRItoG9d8wMvXiWqagSG-hnOSA==
features.video-player.components.video-ads.audio-ad-overlay.component-e70fd3adca256609585a.css
static.twitchcdn.net/assets/ Frame 46E6
1 KB
1 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.video-player.components.video-ads.audio-ad-overlay.component-e70fd3adca256609585a.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9ba40069f9ec6d491f4738cc1c346700ddeaf5ef616f46122d7f9ce71d7dc620

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 00:30:03 GMT
Content-Encoding
gzip
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
9824365
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
53384247
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sat, 17 Dec 2022 01:55:19 GMT
X-Vicarius-Hits
-1
ETag
W/"e1e80c8e52cfd2ea58edbbb204c8b5db"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
xqMgmX_dD1_0geBx4NyWVxSL007K8uzEn6RQyvcaQVjaq7t2eUA28Q==
features.video-player.components.video-ads.audio-ad-overlay.component-27f9b9ac1e3f354fc6c3.js
static.twitchcdn.net/assets/ Frame 46E6
11 KB
4 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.video-player.components.video-ads.audio-ad-overlay.component-27f9b9ac1e3f354fc6c3.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bf00a1d42dfd379e983ad66542c2956a80572289440f8e740ea30680564ef4a1

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 17:29:26 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
5702402
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
102784198
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 11 Sep 2023 21:49:31 GMT
X-Vicarius-Hits
-1
ETag
W/"d42d334be90d3a66c67e7b776c961ed6"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
KpS-ixx8d2ISLtKDc74E7CcIvv1g3ii4KKTJbmWg5YCD8FSRmVx36w==
features.video-player.components.video-ads.pushdown-sda-eligibility-0d1b181c3e2ca9bc12d5.js
static.twitchcdn.net/assets/ Frame 46E6
3 KB
2 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.video-player.components.video-ads.pushdown-sda-eligibility-0d1b181c3e2ca9bc12d5.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3fb66a979162576e6018f079293be866329da6ce619116e396514cd245db1b62

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 17:29:26 GMT
Content-Encoding
gzip
Via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
5702402
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
103038155
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 11 Sep 2023 21:49:32 GMT
X-Vicarius-Hits
-1
ETag
W/"bc727b027485437c88a549f6d9f756ad"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
4sIp0cXEL5euJv9lT_BJFrXDqPpChR81W4RlqYiHP65zzm7PpJhBFA==
features.consent.components.cmp-api-4a0931347fc4ef7b44a1.css
static.twitchcdn.net/assets/ Frame 46E6
717 B
1 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.consent.components.cmp-api-4a0931347fc4ef7b44a1.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6998d311bdd346da24a257d09e25517aa7cc7eb4b8fd740b8deb7b769269f727

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 22:59:30 GMT
Content-Encoding
gzip
Via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
4559398
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
117382028
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 29 Jun 2023 17:31:23 GMT
X-Vicarius-Hits
-1
ETag
W/"1cdb1854b14eacb078f79708bbedfa56"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
ygcZ19wZ1uq71JGHYWvgCGVn47Qjf9r1HeoFI3cFYG9D_ReEokSW-w==
features.consent.components.cmp-api-08706083b91b974a94a2.js
static.twitchcdn.net/assets/ Frame 46E6
362 KB
101 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.consent.components.cmp-api-08706083b91b974a94a2.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
79f40047b18f4a694852c3aac01228358c1f60e7feecf568705390650981dbea

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:21 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82807
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171183110
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:28 GMT
X-Vicarius-Hits
-1
ETag
W/"4ec183adb7094e40865a64aec7b9f5a8"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
ma9cgJ-D7uKzYLx6K3qRmLXOIbPEicJW77hNqxFhiGpJODzulQqwIQ==
features.chat.components.orbis-9f8bf4e7574df9506d51.css
static.twitchcdn.net/assets/ Frame 46E6
125 B
963 B
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.orbis-9f8bf4e7574df9506d51.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
596aed55635ffc78dbffd4e1e9cb9d8cef6e2a71e0387c75b375a06d258a6dd5

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 16:13:34 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
2164554
Transfer-Encoding
chunked
X-Vicarius-TransactionID
146375944
X-Cache
Hit from cloudfront
X-Vicarius-Region
fra
Connection
keep-alive
Last-Modified
Tue, 02 Mar 2021 18:03:07 GMT
X-Vicarius-Hits
-1
ETag
W/"4a3209c1e6173dd3dce6f3f6d2942403"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
ErcnUDyIWJPdUAVcld6ZQ6bZgQDTcj3wWS4JyiaXrcRKBw5aa1pakA==
features.chat.components.orbis-c5065751ac5303ec1190.js
static.twitchcdn.net/assets/ Frame 46E6
9 KB
4 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.orbis-c5065751ac5303ec1190.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a2f50d64674723894453137c93bfece119e87a82a064bec38e49498d3f74b68d

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 17:29:27 GMT
Content-Encoding
gzip
Via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
5702401
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
103001636
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 11 Sep 2023 21:48:06 GMT
X-Vicarius-Hits
-1
ETag
W/"897ac75ada5d4d914c712a81c0c2fe61"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
KRIuNunzEwN4DmmWVn1bv8njJk1lSuyX7qe2NXsrjqh0SzzI3aN-Ew==
features.paid-pinned-chat.components.message-list.component-7d3dd8e358391e084a3f.css
static.twitchcdn.net/assets/ Frame 46E6
3 KB
2 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.paid-pinned-chat.components.message-list.component-7d3dd8e358391e084a3f.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b4ba9adec35f031a741feb26fe792ff4fcf44f21a6d2ecbe613885c9dca169cb

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 18:31:48 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
341860
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
168016923
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 09 Nov 2023 20:19:27 GMT
X-Vicarius-Hits
-1
ETag
W/"46d0a6b59168e78fe07cb464e8daa64e"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
k9lzAFc9HQw7uJrT0G0PsbvFndSE1U7Y8yCBExyIWjK9gU9l-6khAg==
features.paid-pinned-chat.components.message-list.component-9a9340e924c05d93d6fd.js
static.twitchcdn.net/assets/ Frame 46E6
21 KB
7 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.paid-pinned-chat.components.message-list.component-9a9340e924c05d93d6fd.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7cdaff99181e91e5bb644ecf92b9065603c4031f64264b0b4fba12632da07ab1

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:30 GMT
Content-Encoding
gzip
Via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82798
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
168289174
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:49 GMT
X-Vicarius-Hits
-1
ETag
W/"eb0e27b2fc692464ecd19d984fffb315"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
Ha7-TxVj39-LFXtUxkC_sSM9HBovt8Vsp3wwng4Ad7G5egJjbcs7Tw==
features.chat.components.chat-room.components.acknowledge-unban-request-prompt-c15d43050a533dd5fd4e.css
static.twitchcdn.net/assets/ Frame 46E6
767 B
1 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.chat-room.components.acknowledge-unban-request-prompt-c15d43050a533dd5fd4e.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
145728b5f996387f7d5ae92953ce694861234c5041f02f218e97e51caedf8ae4

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 07:50:03 GMT
Content-Encoding
gzip
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
4527565
Transfer-Encoding
chunked
X-Vicarius-TransactionID
117720672
X-Cache
Hit from cloudfront
X-Vicarius-Region
fra
Connection
keep-alive
Last-Modified
Wed, 31 Aug 2022 02:12:06 GMT
X-Vicarius-Hits
-1
ETag
W/"d5354b69480c4f73f893904b407ccd65"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
F_HfxuKbSUBcKSidcqXaH5zRC-bRVC2Eglf31p-ItPiRDhxAtdCDNA==
features.chat.components.chat-room.components.acknowledge-unban-request-prompt-a75c49415a0df5845cf8.js
static.twitchcdn.net/assets/ Frame 46E6
9 KB
4 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.chat-room.components.acknowledge-unban-request-prompt-a75c49415a0df5845cf8.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec4bd70516e7a163eab20528f9f8b076a033592808085408079a2ff18262897e

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:30 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82798
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171291095
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:15 GMT
X-Vicarius-Hits
-1
ETag
W/"e0bc40f6f7bff0daaa38ab14808b66e6"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
xOlW155jGtEGB_lXu65BU37gKA3n565xpBDe78FUv9sh_0dEvoEntw==
features.chat.components.chat-command-handlers.component-48820b53fa1f9f3929fe.css
static.twitchcdn.net/assets/ Frame 46E6
23 KB
5 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.chat-command-handlers.component-48820b53fa1f9f3929fe.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
36790e9530e6610813ad04d81da516d3fedcc2a9e3b2bb065fcf5e524fabaa40

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 06:17:17 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
9803531
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
53553102
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 17 Jul 2023 18:18:20 GMT
X-Vicarius-Hits
-1
ETag
W/"cda5e1bdb61dc1b5de483c6f484e8b5a"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
VU1Lh0zI-J-gBUNb-oQiTw4alIm7XS7TcXfjjZczAeVlfCBJ2p0BNw==
features.chat.components.chat-command-handlers.component-f743ffdf6798e4b395b3.js
static.twitchcdn.net/assets/ Frame 46E6
2 MB
325 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.chat-command-handlers.component-f743ffdf6798e4b395b3.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
126547c9a588d9a275a3fa86c96ac8a2fd9fb2df03b068e85eaeea5000282da0

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:30 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82798
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171135452
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:14 GMT
X-Vicarius-Hits
-1
ETag
W/"2d8772ef73015116010cf56ed7c307a5"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
GvCsqo1Mmneu4U9-INE8WS6OUbd27UOBxkNS2x1tUez1FE4FjVLInw==
px.js
p.cpx.to/p/13037/
4 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/13037/px.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/external-scripts/captify.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.122.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-122-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
165ca1e3ffdd73b8f13aeb49229ee446c46d47b363bf9d654a70d6de02c253ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
gzip
cache-control
max-age=604800, public
content-type
application/javascript; charset=UTF-8
e6d7e03a-b1f2-4e0c-b6ef-09d78e010a03
https://embed.twitch.tv/ Frame 46E6
102 B
0
Other
General
Full URL
blob:https://embed.twitch.tv/e6d7e03a-b1f2-4e0c-b6ef-09d78e010a03
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d1c15087d7e241a99cf94534f8f0e2286c9b426bfc065a248ae9dc0d07f9e00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
102
Content-Type
gql
gql.twitch.tv/ Frame 46E6
268 KB
21 KB
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
189ee74b34125d1580a570b1a105ca52fa83b1b0b2845ecf31a9230c90460731

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:29 GMT
Content-Encoding
br
Connection
keep-alive
transfer-encoding
chunked
Content-Type
application/json
Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCf...
video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/ Frame 46E6
0
0
Fetch
General
Full URL
https://video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCfwICI3y7KugiedBPhy-knnOpFvx65v9h17I0_hpXJq_eHz1uCYkg1UVPh_JFGuuAaH9rKabqHK5z-aaVvbZbDaK8ovwkcr3uA27jy15tj2qqryIeO28NN0g-gy7-I24XkTObD_v2oKrWweLtiVurd2iaVqNHAoO5xkaacafcRE_1mcZFBNw5uopM5mz4G3xQL6JnLTq9pVw0fUym7K7aQyKa1QdyHZeH6eRcYqCI4kSBHK58-xuxcKT2uhvlR1pzbMa784-iRgQ3ySoENWv_5L0Xcanf1sRukokFG970ZJMhi4oEjJ_rtivg7a46p1PzQx36Tmfd1QiuOIPZ87OXLzPWP9JNzeovo7KhZQIZMZLYxZZhTWujA4SdbPz5oJ0w8Jqk8guCJ3Sdc_8vnPN2ve-EvHUWjTKTrcRWd25fM5JEaGLg4BQy6XVeOcp76BwRUQLVK40GfUT0USbDg6JqeiK878BBXgnXEqIwopj07M-mh8h07FJ50urRI4k4qasgSLVjAdObiwep03f3B6RoqoweJPwx6ok_U1dbjBa96ihC7_RywYyNZJ7MpWKTkpm.ts
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.132.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-132-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://embed.twitch.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:29 GMT
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
586
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:29 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
date
Fri, 17 Nov 2023 08:08:11 GMT
x-amz-cf-pop
FRA56-P3
age
33679
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
UF8g1LPtZARKa1QkA4R9SXA1Xf2LYhaaiOOcsX7YJwZ56QmcUi6w7g==
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5684350990417920&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
935 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1512237
x-guploader-uploadid
ABPtcPqnletbkN5Ej9yWbn6nCYTPfUdH2fufL4ejVLBUFs-9UrqblRt5e17OQ2WGA6EOLJS2ITplh6t5_5yiAmauaxeXm_5z58AB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jW6N9%2F9A5e5otWWKa2cechJzC%2Fbxdou0ukR3zckZPQCiC%2F5rxn6akHwiMZTkdZkOFcA8bDF1%2FbzhPNJbs26aiKcrA4mnFP5NnXohjbfoiu%2F03GpCcT%2BpBOYBsooumFfD2jDydEZhbRp7rjd%2BTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8279b2352c359c0a-FRA
expires
Tue, 31 Oct 2023 05:49:29 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:20:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 02:20:51 GMT
px.gif
ad-delivery.net/
43 B
337 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5105159161772166
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1512237
x-guploader-uploadid
ABPtcPqnletbkN5Ej9yWbn6nCYTPfUdH2fufL4ejVLBUFs-9UrqblRt5e17OQ2WGA6EOLJS2ITplh6t5_5yiAmauaxeXm_5z58AB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AotPq6iAOvjiklb66koyZjZi2sCTMI0xiF6V%2BPnlpCTF1pilxmG8BKgh6jtT5P6HwgUKipqyH2Gq75iHX4HVMksY7%2BKVN5ZOdN9dSbI5kLEHNWE0y4vqUeSo4KTahIfw5IHpvpTM8Flc8FVmvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8279b2352c349c0a-FRA
expires
Tue, 31 Oct 2023 05:49:29 GMT
collector-d8cb7f0.js
cdn.pbstck.com/
61 KB
17 KB
XHR
General
Full URL
https://cdn.pbstck.com/collector-d8cb7f0.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/3f98e63f-340e-4352-bf25-3863d5c8a411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
87KKG9Q8E89C5NZW
age
1409308
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pPpKe3cz2EXQWYrDtHd/bMWwT3e2OUlorqhyk4EBy72mSmQWFypWxZ5h4U8hZ2wmhhFgfcBwi5g=
last-modified
Mon, 09 Oct 2023 08:15:49 GMT
server
cloudflare
etag
W/"73f689884b644651fd0ea2ef750b8713"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
8279b2352a944d2e-FRA
ccpa.b154ec02644cd990c80b.bundle.js
cdn.privacy-mgmt.com/unified/4.13.4/
13 KB
4 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.13.4/ccpa.b154ec02644cd990c80b.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90738bd6a083bb0bb11633a2bf01ddf303e3f727c65292564e57482f22156587

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 15:09:22 GMT
content-encoding
br
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 19:09:03 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
1304408
etag
W/"77e3e266e4f094462ddad55cf561b5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
jb7DYx6pEiy3P9hd65Krv3BuumeCIinLt-_-2R_LsDQXhQLsTHNArw==
gdpr-tcf.29a1390ca5468e08c1ee.bundle.js
cdn.privacy-mgmt.com/unified/4.13.4/
134 KB
22 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.13.4/gdpr-tcf.29a1390ca5468e08c1ee.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e461ec99a1d40286ccdb0e737880e244c8e6dbb509f2a62e117a74e8a2c03065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 15:08:11 GMT
content-encoding
br
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 19:09:03 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
1304479
etag
W/"44467dde87d7b7afea5d9256b34c9523"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
h49YRitlUrNZRXzY039iDRK4mqWb5CWAIRuBTDnD0V9E2KFXpRFoqw==
get_site_data
cdn.privacy-mgmt.com/mms/v2/
203 B
617 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwhereisxur.com&account_id=1823
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/
Resource Hash
6911950d8f42dfe6993738dc3f6384fcd82c4a4df01ca41292c89a37c7b8145e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 20:02:43 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-32-254
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
77206
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
MA2LvHfXfqIu0Cswteb4HG1B5RCKJxvJAnvb1RQt2vLrtKZP1zob8g==
id
googleads.g.doubleclick.net/pagead/ Frame 3C27
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H3
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
450b7c2387387436f0c3d0007db73d5f7296af189da1bf02e95f6a8a7959b5da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 17:29:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 3C27
29 B
494 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:17:38 GMT
x-content-type-options
nosniff
age
711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 17:32:38 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 77D6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H3
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a92bfee0ad85b81fef3eeb564bb7f167cbce7f07f24c3c1836e155561537f726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 17:29:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 77D6
29 B
89 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:17:38 GMT
x-content-type-options
nosniff
age
711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 17:32:38 GMT
ips.js
passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 34D3
350 KB
130 KB
Script
General
Full URL
https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?ga__13_abel=01VxUnMjTiHDMpLrqIbPzE6Y5wNUYnzzCTgY0oyQIXAJrJK3A3GrYzTrVlNuq2b4rsTyAZQNmG3ZvUlaHNdC5FV5GVswLc6r6flG9qz1ssujuzvJF7dfTx9sqTDKgJ3WcpkcKfJv2KAc11qvN1aGbfOF6C&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiRjNDE3ZDAwMy03ZTYxLTRhNzMtYmU3NC1lYTk1ZjhlZGExZWY
Requested by
Host: passport.twitch.tv
URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-78.fra56.r.cloudfront.net
Software
/
Resource Hash
09d843d6382f032d8c770d6e59d0731c394e8454c93db97fe33dce2ee471f75f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
br
Via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-kpsdk-ct
01A9fCiXcy8tq3w55rNvBnCiscf4IkfMhmCmDAt5BgakLXEnff65m8Dj1wp7GsYRKAXDbxOa81YGWC5YV5u3EMGexh8KovVEKF6FJUXQKcxZr7KLDU3BoMkh0SHZolACB2Pma2XuHnDXJ5dVmCk5I3H6pr
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=utf-8
p3p
CP="This site does not specify a policy in the P3P header"
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131818
X-Amz-Cf-Id
3hD0qPbiQf2grjPXy_Zidsq-sltNBMf2y_OXh0b6ebaramH8-z3sjA==
Expires
0
ips.js
gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 481E
344 KB
129 KB
Script
General
Full URL
https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=01xcxOZV2jJmccJKVhuepnLElrNppa9DbBP0pR3PqoZ4FFTH8ytPY3M2pc02s8ldG9e2CL757ZZE0zF7rFAvPpy0XSCHJnttmz36daDS0AjJTCwKkOWbKRks67GVHElRXnZQJoQjgNsQeDof5clXuVyQ5a&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiRjZjJmNzIzMi1hOTI5LTQ2MTctYjVhNy0zMzQ0NDFlOWNkMzE
Requested by
Host: gql.twitch.tv
URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
075a0b46612ad3b63e202fa3dfa0d1a4bf8e88bbb70592f6e6c60b63de1b2b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
br
x-kpsdk-ct
01uW3ex5zp5l7rsNyF73nhwggQxm4vlMNpETXOdZKJuIbfF3QI8GWKcW16voJg1fn3593EoB2fxiivrfLkWK3PTnnGzxhPfQr0VKSBqKlZ7ErF0Buwq9EUThpXM4e8ZqPeWL2CuCX7G1nctiG4GM5nnaj4
p3p
CP="This site does not specify a policy in the P3P header"
content-type
application/javascript; charset=utf-8
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
130827
Expires
0
gql
gql.twitch.tv/ Frame 46E6
1 KB
714 B
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f520c0ad561d409cb88a915e37024ca88b1801f3e39e526d1b367cc67965df3f

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:29 GMT
Content-Encoding
br
Connection
keep-alive
Content-Length
527
Content-Type
application/json
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
300
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:29 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 17 Nov 2023 17:29:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3C27
70 KB
32 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98a96dbe0e0d22eee00ebaba04f41ced75edf2cd971e3bb3b21dd3d0a2d6fca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32993
x-xss-protection
0
remote.js
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 3C27
116 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266f10bcd8445642b63ba1729f7ef7c99816684782ccf290eb924d3c675e5072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/B1gMwejYlJw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 08:33:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
204965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33664
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Nov 2024 08:33:24 GMT
4MIqMSIrIBa2Tlo-FocJvTtTVUJhKzKWK9rP7XHIhmA.js
www.google.com/js/th/ Frame 3C27
39 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/4MIqMSIrIBa2Tlo-FocJvTtTVUJhKzKWK9rP7XHIhmA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0c22a31222b2016b64e5a3e168709bd3b535542612b32962bdacfed71c88660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 22:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
156403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15284
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 22:02:46 GMT
sddefault.jpg
i.ytimg.com/vi/B1gMwejYlJw/ Frame 3C27
60 KB
60 KB
Image
General
Full URL
https://i.ytimg.com/vi/B1gMwejYlJw/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41c4dd10a2602e75748ad506920812c22223f09d06ae4b427c8b7f36629f512b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:04:17 GMT
x-content-type-options
nosniff
age
1512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61268
x-xss-protection
0
server
sffe
etag
"1624201333"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Nov 2023 19:04:17 GMT
truncated
/ Frame 3C27
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
Ck4KsDgCAvtEaeNHjXaiWlBHMNnO6Et3tOCR1g6rtX2Vf6FDqHe79gdaP2MhzVEjaI4H5__Fdg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 3C27
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/Ck4KsDgCAvtEaeNHjXaiWlBHMNnO6Et3tOCR1g6rtX2Vf6FDqHe79gdaP2MhzVEjaI4H5__Fdg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
27f2ce65422813c8888560ac84413002433dffd39cc11b53e9e65a3e1ae76bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:32:05 GMT
x-content-type-options
nosniff
age
10644
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4153
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Nov 2023 14:32:05 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 17 Nov 2023 17:29:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 77D6
70 KB
32 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b467ee7d8596f1b6f92badef2417df25680041da3c6289fb431942c5f6babdf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33011
x-xss-protection
0
remote.js
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 77D6
116 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266f10bcd8445642b63ba1729f7ef7c99816684782ccf290eb924d3c675e5072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 08:33:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
204965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33664
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Nov 2024 08:33:24 GMT
4MIqMSIrIBa2Tlo-FocJvTtTVUJhKzKWK9rP7XHIhmA.js
www.google.com/js/th/ Frame 77D6
39 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/4MIqMSIrIBa2Tlo-FocJvTtTVUJhKzKWK9rP7XHIhmA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0c22a31222b2016b64e5a3e168709bd3b535542612b32962bdacfed71c88660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 22:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
156403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15284
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 22:02:46 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/LHPIarnplh8/ Frame 77D6
209 KB
209 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/LHPIarnplh8/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad9c4f18d21e57c6839eab899bd654c2693ce629a54221846efce89cb1017701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:15:36 GMT
x-content-type-options
nosniff
age
833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
213962
x-xss-protection
0
server
sffe
etag
"1699032894"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Nov 2023 19:15:36 GMT
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1823&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=26301&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://whereisxur.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
4705
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 17 Nov 2023 16:11:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
x-amz-cf-id
3k88K54ff0ItxF8hV402yTvqbWZSDqZ-WPubRLPQOqKhK53r86BNPg==
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
x-powered-by
Express
meta-data
cdn.privacy-mgmt.com/wrapper/v2/
299 B
834 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1823&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=26301&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/ Express
Resource Hash
a2b8b6157670f71b250cbc730866eb3d63ad3ce599e005b8d7de0f8ba22d8e4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 17:13:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
973
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
299
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
hac9TTjDz4v2WxrMS9PGAdNRo3WNUssvwJIuPrIcAHyzuPl7aL257w==
truncated
/ Frame 77D6
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
Ck4KsDgCAvtEaeNHjXaiWlBHMNnO6Et3tOCR1g6rtX2Vf6FDqHe79gdaP2MhzVEjaI4H5__Fdg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 77D6
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/Ck4KsDgCAvtEaeNHjXaiWlBHMNnO6Et3tOCR1g6rtX2Vf6FDqHe79gdaP2MhzVEjaI4H5__Fdg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
27f2ce65422813c8888560ac84413002433dffd39cc11b53e9e65a3e1ae76bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:32:05 GMT
x-content-type-options
nosniff
age
10644
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4153
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Nov 2023 14:32:05 GMT
country
api.btloader.com/
16 B
141 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5684350990417920&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
bb5c130d-ba94-4def-99be-55ae9c1ed75a
https://whereisxur.com/
824 KB
0
Other
General
Full URL
blob:https://whereisxur.com/bb5c130d-ba94-4def-99be-55ae9c1ed75a
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cb66a12c45f87c4e25a643e979100794f5b3859c27f22464872cbf0fd7e657b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
843509
Content-Type
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=1WaEcCqW&w=5718102059253760&o=5684350990417920&cv=2.1.23-7-g7ca04d5&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwhereisxur.com%2F&sid=VXwqmqAL&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5684350990417920&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:29 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
messages
cdn.privacy-mgmt.com/wrapper/v2/
68 KB
8 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1823%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwhereisxur.com%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=437037932437037932651d&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/ Express
Resource Hash
e9ddedb96658c31a0f211b71a1491b4da2fe35d39c4cec379b65bea9f536ed65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 17:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
339
x-powered-by
Express
x-cache
Hit from cloudfront
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
cY6mzbyHudk1OWjbQJ6KCqZp7U2U3PEaZSSCnqL9qcEhoRuaJeaKkg==
messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1823%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwhereisxur.com%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=437037932437037932651d&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://whereisxur.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
339
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 17 Nov 2023 17:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
x-amz-cf-id
3JIjPjSaEMjn4FPe5_oHCs4v-JzdP4pWtRjAcRoQ_Cg4AB4TpKg39w==
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
x-powered-by
Express
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 46E6
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:29:29 GMT
cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame 46E6
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:01:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 17 Nov 2023 19:01:05 GMT
error
reporting.cdndex.io/ Frame
0
0
Preflight
General
Full URL
https://reporting.cdndex.io/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-44.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://passport.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
content-length
2
content-type
application/json
date
Fri, 17 Nov 2023 17:29:29 GMT
server
CloudFront
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-id
8s5_7bUYiy1k5U0N4D8xPNBDCwu8ks6IprZvK-UH4zFlw25lrgqscw==
x-amz-cf-pop
FRA60-P3
x-cache
LambdaGeneratedResponse from cloudfront
error
reporting.cdndex.io/ Frame 34D3
8 B
398 B
XHR
General
Full URL
https://reporting.cdndex.io/error
Requested by
Host: passport.twitch.tv
URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?ga__13_abel=01VxUnMjTiHDMpLrqIbPzE6Y5wNUYnzzCTgY0oyQIXAJrJK3A3GrYzTrVlNuq2b4rsTyAZQNmG3ZvUlaHNdC5FV5GVswLc6r6flG9qz1ssujuzvJF7dfTx9sqTDKgJ3WcpkcKfJv2KAc11qvN1aGbfOF6C&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiRjNDE3ZDAwMy03ZTYxLTRhNzMtYmU3NC1lYTk1ZjhlZGExZWY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-44.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer
https://passport.twitch.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 17:29:30 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
x-cache
LambdaGeneratedResponse from cloudfront
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length
8
x-amz-cf-id
ZQDy81QNOR3JBFa_py272cNgvIISY-DFo70dEOKDZP2vx5pdpuwSXQ==
tl
passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 34D3
0
1 KB
XHR
General
Full URL
https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl
Requested by
Host: passport.twitch.tv
URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?ga__13_abel=01VxUnMjTiHDMpLrqIbPzE6Y5wNUYnzzCTgY0oyQIXAJrJK3A3GrYzTrVlNuq2b4rsTyAZQNmG3ZvUlaHNdC5FV5GVswLc6r6flG9qz1ssujuzvJF7dfTx9sqTDKgJ3WcpkcKfJv2KAc11qvN1aGbfOF6C&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiRjNDE3ZDAwMy03ZTYxLTRhNzMtYmU3NC1lYTk1ZjhlZGExZWY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-78.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-kpsdk-im
CiRjNDE3ZDAwMy03ZTYxLTRhNzMtYmU3NC1lYTk1ZjhlZGExZWY
x-kpsdk-ct
01ySzQCGBzSY28uoSaprufjhGFerfDolVm558K3aivJ4NNNx3xrpySJePmyyNl205AElrL4AAATy68XoO2EiWmZqxLF2LuGH6bXB4Lt754dhmW8UfPtSM8qznZXcTvlRcmTwkTWNBie2aydFw43hOKNIGI
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/octet-stream
x-kpsdk-dt
10gby19ky2qx6uz74z3ix5iz43m
Referer
https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
x-kpsdk-v
j-0.0.0

Response headers

Date
Fri, 17 Nov 2023 17:29:30 GMT
Via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Miss from cloudfront
p3p
CP="This site does not specify a policy in the P3P header"
x-kpsdk-st
1700242170107
x-kpsdk-cr
true
Connection
keep-alive
Content-Length
0
Pragma
no-cache
x-kpsdk-ct
01zPx8kdA1n3jW54fm7QcpgKLegeSLZAvnnqnBhp7HExlam2msAqOLksZy9O7gqqLIvCe1Iqeoh1I2Jvy2sbfCbKbKeav01QwAeQ4JrxlpGVauXipKheYkQWB0NzoL2103CnRCzkwGRsdOYDnWvijCHJbg
Content-Type
text/plain
access-control-allow-origin
https://passport.twitch.tv
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Amz-Cf-Id
0zKl8YXFU8vC6dEhvrsh3MSzK6i2Ca9WLWnGUDL_NrIu4o1O9KBD4g==
Expires
0
error
reporting.cdndex.io/ Frame
0
0
Preflight
General
Full URL
https://reporting.cdndex.io/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-44.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gql.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
content-length
2
content-type
application/json
date
Fri, 17 Nov 2023 17:29:30 GMT
server
CloudFront
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-id
hU25GZ04SaHgVjdBIw18zzycYAB4ZYGoHVSxw4BHl0fB2mgRAq4uLw==
x-amz-cf-pop
FRA60-P3
x-cache
LambdaGeneratedResponse from cloudfront
error
reporting.cdndex.io/ Frame 481E
8 B
398 B
XHR
General
Full URL
https://reporting.cdndex.io/error
Requested by
Host: gql.twitch.tv
URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=01xcxOZV2jJmccJKVhuepnLElrNppa9DbBP0pR3PqoZ4FFTH8ytPY3M2pc02s8ldG9e2CL757ZZE0zF7rFAvPpy0XSCHJnttmz36daDS0AjJTCwKkOWbKRks67GVHElRXnZQJoQjgNsQeDof5clXuVyQ5a&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiRjZjJmNzIzMi1hOTI5LTQ2MTctYjVhNy0zMzQ0NDFlOWNkMzE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-44.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer
https://gql.twitch.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 17:29:30 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
x-cache
LambdaGeneratedResponse from cloudfront
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length
8
x-amz-cf-id
7IxgAwV_VpAeAZGfTOBLeTS8CW1_8BxtuKlRY4CdqdSYwsbTC8z59w==
tl
gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 481E
0
1 KB
XHR
General
Full URL
https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl
Requested by
Host: gql.twitch.tv
URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=01xcxOZV2jJmccJKVhuepnLElrNppa9DbBP0pR3PqoZ4FFTH8ytPY3M2pc02s8ldG9e2CL757ZZE0zF7rFAvPpy0XSCHJnttmz36daDS0AjJTCwKkOWbKRks67GVHElRXnZQJoQjgNsQeDof5clXuVyQ5a&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiRjZjJmNzIzMi1hOTI5LTQ2MTctYjVhNy0zMzQ0NDFlOWNkMzE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-kpsdk-im
CiRjZjJmNzIzMi1hOTI5LTQ2MTctYjVhNy0zMzQ0NDFlOWNkMzE
x-kpsdk-ct
01t3y7Uv4r6avuRBrqjpm4nkHzgXt9tnI1o5XcI9o04YBTK0LD1DRuI5mgqkCdNPO2G9xI6xcdpoqmcbYxqGAAlzrkyMf3KZvK2WGpvwgL6KqaTZAeMfX4QGUwvafZ3aYPfamF3bqH7kGRrqmI66vVbZht
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/octet-stream
x-kpsdk-dt
16mx0mhx1h6z42ky5hx3hw73y2r
Referer
https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
x-kpsdk-v
j-0.0.0

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 17:29:30 GMT
x-kpsdk-ct
01uess0NOxha36OPUgPXGasGKmlOUliJjrZ3xCyKlLKcPkQD5vLZQ7xRI8XA3oYUFVbf59Xh4n2Wx1c3aXs1fp9dRsdB5Aw1ME8wGKczZym16LHUeNWndtJf8E3eebOLEIj8nmil6Ux4yamm1ckfREEIya
content-type
text/plain
access-control-allow-origin
https://gql.twitch.tv
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
p3p
CP="This site does not specify a policy in the P3P header"
x-kpsdk-cr
true
Connection
keep-alive
x-kpsdk-st
1700242170319
Content-Length
0
Expires
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 17 Nov 2023 17:29:30 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3C27
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e26bf7ccd25f94513ed9207cdbdf986b6821d75a447816b3caa8ee33f3b840a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 17 Nov 2023 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 17 Nov 2023 17:29:30 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 77D6
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70be7d5123cccf64deaed8efd326005adfc846521cf74f4ef44e358f4c4325bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 17 Nov 2023 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
gql
gql.twitch.tv/ Frame 46E6
4 KB
2 KB
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6515c12351eb897df9bb02b2c596189c74546d2307acc53390aead76e27f73d0

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:30 GMT
Content-Encoding
br
Connection
keep-alive
Content-Length
1673
Content-Type
application/json
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
301
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:30 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/25110922/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Server
18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:00:33 GMT
content-encoding
gzip
via
1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
26938
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
ySTeBXEABEsEtv-7zV_CL2Q3KUDgfWG_2ixYD8rWTw0rbrmdeoBwNA==

Redirect headers

date
Fri, 17 Nov 2023 17:29:30 GMT
via
1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
LEvChSyXBiSAEAi5dZ9PtluNL1BR3JFjW2reUfhPVE8bK_2aOmR5Xw==
pxid
00917082-71e9-498e-8343-00c3df06b798.prmutv.co/v2.0/
46 B
391 B
XHR
General
Full URL
https://00917082-71e9-498e-8343-00c3df06b798.prmutv.co/v2.0/pxid?k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
fa6650b6933bbfb0eac06b4cce71024d6304e73908c7509cf349eb13e747196c

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:30 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://whereisxur.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
getuidj
ib.adnxs.com/
11 B
568 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:30 GMT
an-x-request-uuid
6a23d4b4-2b05-498e-829b-76701d961913
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://whereisxur.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
26c60b4f-549a-4efd-8ae0-f00e07c46204
config.aps.amazon-adsystem.com/configs/
537 B
803 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/26c60b4f-549a-4efd-8ae0-f00e07c46204
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
975cc0c13cffdeb15d6e89a75851ad570f4333afa82a99b6402eae3327191ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:41:08 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2902
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
v4Lv6AOiuZh4VMohvdM8nUg6Uf5RBEqHNRdW0xgj9B4Iil0MuV7xPw==
config
c.amazon-adsystem.com/cdn/prod/
2 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwhereisxur.com&pubid=26c60b4f-549a-4efd-8ae0-f00e07c46204
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6576bc636667b4b6ff19a6c591c1f976e5b328f5505ce78c15ce0d3c3a772095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:33:48 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
17742
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://whereisxur.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2335
x-amz-cf-id
1eDNe5G3ytZXYcJOWoKL4Xl6Ah2aPU_S2nHsg66Ufgzh-pftsSgiaw==
liveView.php
live.primis.tech/live/
47 KB
18 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.36.0/primis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
54b45d033b29f1be0236762de4a3bdda01b813597fc1da611507a61cb86fbd87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:30 GMT
content-encoding
gzip
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
UpdfRPgLDb8HifwxBfd1LpgrVzdLLjygWS_rjjW80CTetXK3YU3_yA==
quant.js
secure.quantserve.com/
21 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.36.0/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:30 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 24 Nov 2023 17:29:30 GMT
rules-p-5AnRGcbhtTcgL.js
rules.quantcount.com/
160 B
641 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-5AnRGcbhtTcgL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e4c37feb87e0edfdb963900b9467f64f82d16abafd3b3b11b2c80e9d3bf350e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:05:16 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1455
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:21:19 GMT
server
AmazonS3
etag
"f0b88f7ccbda9922baaedb53461a2058"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Oz39GFXn9u8RRpXtbPjp8Q0X5cBk8xhGxotxmRNtmrkH0jjnvBoung==
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=437037932437037932651d&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://whereisxur.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://whereisxur.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 17:29:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
x-amz-cf-id
YcutRdp8Nhtz3yVGZY0LSlV2M5l_OubsSeivzGDW51JG5oi6MXpJSQ==
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/
195 B
732 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=437037932437037932651d&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/ Express
Resource Hash
9f8842e4f3bd67f5b3c21f71826ccfaeff2dd9b5819ba6237f6a01d2b1b7652f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 17:29:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://whereisxur.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
195
x-amz-cf-id
dxoTjBOYYxzXNkRDUaAhdatrR5NzcHHx7qyILbF5SkabNF0Eqx1XGQ==
features.guest-star.components.guest-star-rtj-channel-content-dc5f7775af7220bff5a8.css
static.twitchcdn.net/assets/ Frame 46E6
45 B
963 B
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.guest-star.components.guest-star-rtj-channel-content-dc5f7775af7220bff5a8.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7dc1657d62d95d4f3dfff6282aaaf24fb7ccd26afde8cbfbd706c8c00b301cb1

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 00:31:03 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
4467507
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
118469348
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 28 Jun 2023 18:20:55 GMT
X-Vicarius-Hits
-1
ETag
W/"a4f4c3574e356f0a7510073f0df9c1ab"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
PitBkzo0GoXEdQ_g5bkkwiF88znap4PSGn_YQTWNjbh2swKRsRuoTQ==
features.guest-star.components.guest-star-rtj-channel-content-10957efc795fb44ab04e.js
static.twitchcdn.net/assets/ Frame 46E6
43 KB
11 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.guest-star.components.guest-star-rtj-channel-content-10957efc795fb44ab04e.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0373d647fe10d48014be010baa35759546a2123c9bba2c1848c80c430f35fb0

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:23 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82807
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171183129
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:38 GMT
X-Vicarius-Hits
-1
ETag
W/"4a0d30c03c17eabd9601951796397c7c"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
NkTH5GuHNTszZTWjwSEwogfM2FthZY_ObAyDt1E8gLrHUdzaB0IDWQ==
features.subscribe-button.components.subscribe-button-966f45268f97e2e4de33.css
static.twitchcdn.net/assets/ Frame 46E6
100 B
965 B
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.subscribe-button.components.subscribe-button-966f45268f97e2e4de33.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
69cfb7908ceb8fdbbc69f017c4172c8be25b1d3688c75e311e9f4312cbd65d3e

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 23:44:43 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
4038287
Transfer-Encoding
chunked
X-Vicarius-TransactionID
123810241
X-Cache
Hit from cloudfront
X-Vicarius-Region
fra
Connection
keep-alive
Last-Modified
Tue, 05 Oct 2021 23:14:33 GMT
X-Vicarius-Hits
-1
ETag
W/"a5e00bd9c049eab2f7a51d8b8a1929d1"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
ItxdZ9DdDmIKcbGFy7MJiLlPt6qi6WT64DX3pYViz6dAfPf4TR_HYg==
features.subscribe-button.components.subscribe-button-f70a8ee3b47e9a97969f.js
static.twitchcdn.net/assets/ Frame 46E6
95 KB
23 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.subscribe-button.components.subscribe-button-f70a8ee3b47e9a97969f.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ca419686788ffefde8b85d068c045c6a9dbca96bac7b99d8d187270d439fc8a4

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:23 GMT
Content-Encoding
gzip
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82807
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171149290
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:02:13 GMT
X-Vicarius-Hits
-1
ETag
W/"13c2f892cfcd0bfa7beeb10ea8240d9a"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
jYyFgLliEbJ-6K3l-YrEiTnhdGQtKXRzsFq6PqO2l4TO1TVl0vLRRA==
vendor-libphonenumberjs-e5a956d84a5a74e8f152.js
static.twitchcdn.net/assets/ Frame 46E6
159 KB
43 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/vendor-libphonenumberjs-e5a956d84a5a74e8f152.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5863be988caf4ab95dac7eef24168a4df33723e1d5e78845499f577945934082

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 23 Sep 2023 04:40:34 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
4798136
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
114143544
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 19 Apr 2023 19:09:35 GMT
X-Vicarius-Hits
-1
ETag
W/"105e510240485fc1ad18c0975cd47947"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
2_350IhV9Lk0q6HiRhvb7vUvOq9JWasdnkDrDMRtHjaN-4PUH1YV0w==
features.chat-community-highlights.components.community-highlight-stack-manager-a01b828ceade300f3b45.css
static.twitchcdn.net/assets/ Frame 46E6
31 KB
7 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.chat-community-highlights.components.community-highlight-stack-manager-a01b828ceade300f3b45.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec1bef7dc833e146ba4722938f8120284370e3e61b94d11f1ac924c4bc9025a7

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 08:44:50 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
5561080
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
103673651
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 06 Sep 2023 06:40:57 GMT
X-Vicarius-Hits
-1
ETag
W/"cad66997c0ef051c9550956fe8fc7fda"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
3pAVzbbLUhaiLahr49qWWyVSArIc6hPxeWJLQvUbbAzG0FTFEDq_9g==
features.chat-community-highlights.components.community-highlight-stack-manager-91e9dcd65acb18dddf67.js
static.twitchcdn.net/assets/ Frame 46E6
653 KB
144 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.chat-community-highlights.components.community-highlight-stack-manager-91e9dcd65acb18dddf67.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
03dc9603a481ccefab40915f81a283e6925ec664e92a498775667b742c0700ba

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:35 GMT
Content-Encoding
gzip
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82795
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171100901
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 02:31:23 GMT
X-Vicarius-Hits
-1
ETag
W/"69a538b0fb8f50156f1707da6cc49e53"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
yiCxFTLPWWasmYGIYTIt0LgWDvyUV1wiLPsYwMeeiwJ7M278pIy06w==
features.chat.components.bounty-board-notification-13e056fe410aade74a22.js
static.twitchcdn.net/assets/ Frame 46E6
6 KB
3 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.chat.components.bounty-board-notification-13e056fe410aade74a22.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a76da8994eb9d3e1e29cea24fe536861a3f45df3ba0084188d07d382e699c271

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 18:29:43 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
687587
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
163971377
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 09 Nov 2023 00:07:22 GMT
X-Vicarius-Hits
-1
ETag
W/"8180108f72017493f6521c9ff8afcd05"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
ITEiVDcanjRu44VCfdX31oMMbiosvn23s_Vipjq62Ws_XcgXJ5AQ-w==
cd43f70c-efa3-44dc-a103-46cac9743043-profile_image-150x150.png
static-cdn.jtvnw.net/jtv_user_pictures/ Frame 46E6
44 KB
45 KB
Image
General
Full URL
https://static-cdn.jtvnw.net/jtv_user_pictures/cd43f70c-efa3-44dc-a103-46cac9743043-profile_image-150x150.png
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1414a8377c0833d2d9dafbb7cbc1e6f36bc01f1830eb5bb30f3e40b989477191

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:25:28 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
6109
x-cache
Hit from cloudfront
content-length
45351
last-modified
Mon, 09 Dec 2019 21:04:44 GMT
server
nginx
etag
"1424834deb363255ed6d332448818804"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
hJefpXY_06x_M4UH5cp5cYIjfQDLpxq1lK81T10DSRIxLgIlWXSGtQ==
expires
Fri, 17 Nov 2023 19:47:41 GMT
30e83387-5628-4d40-b788-c5ec57f3fe3d
https://whereisxur.com/
824 KB
0
Other
General
Full URL
blob:https://whereisxur.com/30e83387-5628-4d40-b788-c5ec57f3fe3d
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cb66a12c45f87c4e25a643e979100794f5b3859c27f22464872cbf0fd7e657b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
843509
Content-Type
index.html
cdn.privacy-mgmt.com/ Frame C4A2
5 KB
2 KB
Document
General
Full URL
https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3014
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 16:39:17 GMT
etag
W/"5bd8512ba573dfffcca16bcba94d75a2"
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
x-amz-cf-id
Uhv4hqFDifCiLPOt54sF9hNAdlYGbCO29GgYhN1fex9H0jTK-2g4ig==
x-amz-cf-pop
AMS1-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3C27
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:29:31 GMT
Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCf...
video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/ Frame 46E6
0
0
Fetch
General
Full URL
https://video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCfwICI3y7KugiedBPhy-knnOpFvx65v9h17I0_hpXJq_eHz1uCYkg1UVPh_JFGuuAaH9rKabqHK5z-aaVvbZbDaK8ovwkcr3uA27jy15tj2qqryIeO28NN0g-gy7-I24XkTObD_v2oKrWweLtiVurd2iaVqNHAoO5xkaacafcRE_1mcZFBNw5uopM5mz4G3xQL6JnLTq9pVw0fUym7K7aQyKa1QdyHZeH6eRcYqCI4kSBHK58-xuxcKT2uhvlR1pzbMa784-iRgQ3ySoENWv_5L0Xcanf1sRukokFG970ZJMhi4oEjJ_rtivg7a46p1PzQx36Tmfd1QiuOIPZ87OXLzPWP9JNzeovo7KhZQIZMZLYxZZhTWujA4SdbPz5oJ0w8Jqk8guCJ3Sdc_8vnPN2ve-EvHUWjTKTrcRWd25fM5JEaGLg4BQy6XVeOcp76BwRUQLVK40GfUT0USbDg6JqeiK878BBXgnXEqIwopj07M-mh8h07FJ50urRI4k4qasgSLVjAdObiwep03f3B6RoqoweJPwx6ok_U1dbjBa96ihC7_RywYyNZJ7MpWKTkpm.ts
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.132.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-132-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://embed.twitch.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:31 GMT
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
gql
gql.twitch.tv/ Frame 46E6
3 KB
829 B
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93d189de51239bc3a8566384f241938afd3a00f992b772894f79c843e4afde94

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:31 GMT
Content-Encoding
br
Connection
keep-alive
Content-Length
642
Content-Type
application/json
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
302
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:31 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 77D6
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:29:31 GMT
integrity
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/integrity
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-request-id,client-session-id,client-version,x-device-id,x-kpsdk-cd,x-kpsdk-ct,x-kpsdk-v
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Age
269
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:31 GMT
access-control-allow-headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts, x-kpsdk-cd, x-kpsdk-ct, x-kpsdk-v
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
access-control-max-age
600
integrity
gql.twitch.tv/ Frame 46E6
515 B
1 KB
Fetch
General
Full URL
https://gql.twitch.tv/integrity
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1d4bc8e70b1c0fb5674089c497c2674cf6e2df8b83502831f511db2d8747bb2

Request headers

x-kpsdk-cd
{"workTime":1700242170355,"id":"03646354072d583b3b75ab4fe3a74b1b","answers":[7,1],"duration":3.4,"d":698,"st":1700242170107,"rst":1700242171047}
x-kpsdk-ct
01uess0NOxha36OPUgPXGasGKmlOUliJjrZ3xCyKlLKcPkQD5vLZQ7xRI8XA3oYUFVbf59Xh4n2Wx1c3aXs1fp9dRsdB5Aw1ME8wGKczZym16LHUeNWndtJf8E3eebOLEIj8nmil6Ux4yamm1ckfREEIya
accept-language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Client-Request-Id
uKoHiidbzzYJpJsptChckKRWprHM3Bip
Referer
https://embed.twitch.tv/
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
x-kpsdk-v
j-0.0.0
X-Device-Id
2d5f3e52f53c9464

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
br
x-kpsdk-ct
01ybnHGogC6hpa3OPBdNjaoBJ5ouX4BnZIofZ2I4vM9cOHgkX8onKAFi8HQ33VgBd42dxIQwVFQMbH7O2UNTRcBlzcyK2BaxoGvYBhemfjWRh0qgLwH7b7J0sFRhWmyNxKL1CkI319tb7yakF5H8DFfJJ3
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r
Cache-Control
no-cache, no-store, must-revalidate
p3p
CP="This site does not specify a policy in the P3P header"
Connection
keep-alive
Content-Length
384
Expires
0
geoip
api.permutive.com/v2.0/
247 B
222 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
75d76e3b4c9ae0adeb86224f457bd194421331677738efefbc39ce6d95ba4321

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://whereisxur.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
watson
api.permutive.com/v2.0/
131 B
323 B
XHR
General
Full URL
https://api.permutive.com/v2.0/watson?k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b313fc959bf0675674d0841c82eab034823dd1bbcfe3b039457b916bc8086e0c

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://whereisxur.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130
generate_204
www.youtube.com/ Frame 3C27
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?_3N07A
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/B1gMwejYlJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/B1gMwejYlJw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Notice.3a0d3.css
cdn.privacy-mgmt.com/ Frame C4A2
33 KB
6 KB
Stylesheet
General
Full URL
https://cdn.privacy-mgmt.com/Notice.3a0d3.css
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:05:09 GMT
content-encoding
gzip
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
1464
x-amz-server-side-encryption
AES256
etag
W/"453680a5f8883be2b15dcb7878e5d351"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
AlgC2bxf9REy_1giE0wD4L-y0_xzAw2a1SoxMK_ad--WcI0A7V-P2Q==
polyfills.d36c5.js
cdn.privacy-mgmt.com/ Frame C4A2
5 KB
2 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/polyfills.d36c5.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:15:40 GMT
content-encoding
gzip
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
832
x-amz-server-side-encryption
AES256
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
ErJD1iG8Wrq54xuCXLGJNf4W-2p6riS4v74qk1c4HIiM8Xi1aESsow==
Notice.cfd37.js
cdn.privacy-mgmt.com/ Frame C4A2
274 KB
72 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/Notice.cfd37.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:14:10 GMT
content-encoding
gzip
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
922
x-amz-server-side-encryption
AES256
etag
W/"ab0bfa06558578f0cc888d8945749f5b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
dcC9o6F91HnMLfW6hqrnzOi8KQ527aYpQro4CL1QaL7m7qBJXqOB0A==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 17 Nov 2023 17:44:31 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-39.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 4587dd93b6f56d2b3f35f25ef2cabe70.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
40841
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
DEpVGXKb8dLG88N6mcmb8kgDDiI5k68Ijq6j8HB61EMwa4FP9xSh2Q==
hadron.js
cdn.hadronid.net/
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwhereisxur.com%2F&ref=&_it=amazon&partner_id=572
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
1631
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8279b2427db6924a-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/
154 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
FXD5W0ZF7TED0SAQ
age
3485
etag
W/"391026e5958781dc657c57860854abcb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8279b2427a3e2c6b-FRA
x-amz-id-2
g2T0qSUW32YhYbYNClC4ExTrW+6Res8PeC3aCXIOKBKTLlONy5PIKE8Bpev+VexOtScYKluaygI=
generate_204
www.youtube.com/ Frame 77D6
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?yjH-YQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
00917082-71e9-498e-8343-00c3df06b798-models.bin
cdn.permutive.com/models/v2/
275 KB
191 KB
XHR
General
Full URL
https://cdn.permutive.com/models/v2/00917082-71e9-498e-8343-00c3df06b798-models.bin
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ac93d95cdaf7bb0763071724360934b06f515fd888c173a47b51cd2f6d101e

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
00917082-71e9-498e-8343-00c3df06b798
age
0
x-guploader-uploadid
ABPtcPpkTw9hc21eilirjlQwTHteqXJ-YgZJbZ38khTyojy0dc--VZvHKUB1-NsHOMzv2DFm2yi93dPOSoRgPPYVPiXSgw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
194422
last-modified
Thu, 16 Nov 2023 06:02:07 GMT
server
cloudflare
etag
"95363ae4868a0c770ba5ca607bc4187f"
vary
Accept-Encoding
x-goog-generation
1700114527536585
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=q4gb4w==, md5=lTY65IaKDHcLpcpge8QYfw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
194422
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8279b2437b103621-FRA
expires
Fri, 17 Nov 2023 16:33:11 GMT
undefined
embed.twitch.tv/ Frame 46E6
7 KB
7 KB
Image
General
Full URL
https://embed.twitch.tv/undefined
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 17:29:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300
Via
1.1 varnish
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-fra-eddf8230125-FRA
Server
Kestrel
X-Timer
S1700242171.402607,VS0,VE2
Vary
Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
Content-Type
text/html
Release-Type
release
Accept-Ranges
bytes
X-Cache-Hits
0
features.video-player.components.overlays.offline-embeds-overlay.components.channel-info-2669bc954cd1f11bca0b.css
static.twitchcdn.net/assets/ Frame 46E6
1 KB
1 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.video-player.components.overlays.offline-embeds-overlay.components.channel-info-2669bc954cd1f11bca0b.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
57aa77792d5efbd0f673332016d297c6e17b43e89bd084ebc94e80c6025a16a6

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:36:56 GMT
Content-Encoding
gzip
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
4517555
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
117849615
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 25 Apr 2023 19:21:20 GMT
X-Vicarius-Hits
-1
ETag
W/"2089c1c7a155729611b07360938b04c3"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
erQ3AlL32hiVCXFx-xfV2BLw8UbzBoHBZdD3QO3pNfX6d1XJ3dNsgA==
features.video-player.components.overlays.offline-embeds-overlay.components.channel-info-05c940c38267c9967d60.js
static.twitchcdn.net/assets/ Frame 46E6
20 KB
7 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.video-player.components.overlays.offline-embeds-overlay.components.channel-info-05c940c38267c9967d60.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e227c9e9a7c24dea65ebeb4fa9a5e1f16d222dd231b86ac96e73bd5308a772d4

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 17:29:27 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
5702404
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
103058915
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 11 Sep 2023 21:49:30 GMT
X-Vicarius-Hits
-1
ETag
W/"9729d0e5e43c16703cb83645f8e6c3f9"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
QKvHT1MWjvr-S_cEfg8mmd3J8F4FIJCOWuoKliTyLzTm20jREvJnKw==
identify
api.permutive.com/v2.0/
50 B
88 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
51fd2247508bfbd2fdbd582e89f32d480a1617dabc83b44be1358e7d0d69ec0c

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://whereisxur.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
log_event
www.youtube.com/youtubei/v1/ Frame 3C27
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-Goog-Request-Time
1700242171450
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/B1gMwejYlJw
X-YouTube-Client-Version
1.20231114.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtTcGNxQU44R044MCj3xd6qBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals
dt=1700242168976&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C524%2C295&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 17 Nov 2023 17:29:31 GMT
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
302
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:31 GMT
gql
gql.twitch.tv/ Frame 46E6
6 KB
1 KB
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1adceac1e5be1bce251aec255762034ebb7cb60a53b6f6415322d5649234be6

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:31 GMT
Content-Encoding
br
Connection
keep-alive
Content-Length
921
Content-Type
application/json
b2
sb.scorecardresearch.com/
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=25110922&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700242171562&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=DE&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=1&cs_fpcd=1&c7=https%3A%2F%2Fwhereisxur.com%2F&c8=Where%20is%20Xur%3F%20Find%20Him%20here%20and%20See%20What%20He%27s%20Selling&c9=
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
via
1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
FfaschwaO55IlbbpQVjsiNpogdFzRK0Nvt6s8PENupEUFFdp4xUH0w==
x-cache
Miss from cloudfront
liveView.php
live.primis.tech/live/ Frame 4908
6 KB
2 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bef565dc0623fe4b53da99c2db4810e148950a467f75607c2c1da66364bd1415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
BzDpBtRwL84xfvy4dOQadRN6RJ50UV5hParNFlJGZeFQVV1t71qImw==
cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame 3C27
50 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:01:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 17 Nov 2023 19:01:05 GMT
cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame 77D6
50 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:01:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 17 Nov 2023 19:01:05 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 77D6
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-Goog-Request-Time
1700242171616
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
X-YouTube-Client-Version
1.20231114.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtTcGNxQU44R044MCj3xd6qBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals
dt=1700242168994&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C729%2C410&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 17 Nov 2023 17:29:31 GMT
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-integrity,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
307
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:31 GMT
gql
gql.twitch.tv/ Frame 46E6
3 KB
1 KB
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8f8d5829fc1bc5d517e9efdb2eb9e7b4d45fb8225919c6dfaec411eb3fdff00

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Integrity
v4.public.eyJjbGllbnRfaWQiOiJraW1uZTc4a3gzbmN4NmJyZ280bXY2d2tpNWgxa28iLCJjbGllbnRfaXAiOiI4MS45NS41LjM2IiwiZGV2aWNlX2lkIjoiMmQ1ZjNlNTJmNTNjOTQ2NCIsImV4cCI6IjIwMjMtMTEtMThUMDk6Mjk6MzFaIiwiaWF0IjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJpc19iYWRfYm90IjoidHJ1ZSIsImlzcyI6IlR3aXRjaCBDbGllbnQgSW50ZWdyaXR5IiwibmJmIjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJ1c2VyX2lkIjoiIn0pIlaa3NkZH39TOXgOjcwpxU3yobvFuDUDgM6RNeb0_lvm5HZMfl03D-cYyZssqFg0cO7zYUs0KF8OAPveST0H
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:31 GMT
Content-Encoding
br
Connection
keep-alive
Content-Length
874
Content-Type
application/json
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=572&sync=0&domain=whereisxur.com&url=https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://whereisxur.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8279b2466f679b5e-FRA
content-length
0
content-type
application/json
date
Fri, 17 Nov 2023 17:29:32 GMT
debug
OPTIONS block
expires
Sat, 16 Nov 2024 17:29:31 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/
99 B
290 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=572&sync=0&domain=whereisxur.com&url=https://whereisxur.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwhereisxur.com%2F&ref=&_it=amazon&partner_id=572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd60b4842a0f2c2526b0b678cb6e310533782795b3876c95677ff629f4deeaf

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8279b24768c49b5e-FRA
map
bcp.crwdcntrl.net/6/
60 B
333 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fc6bb8a191839754ae1dfdb5ba224e6d3319218dd48e05722f5801610d16a007

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache
x-server
10.45.19.57
access-control-allow-credentials
true
content-length
60
expires
0
gql
gql.twitch.tv/ Frame 46E6
438 B
440 B
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1080cddf5b2d06d093b79ecdbf5d4052988ffbe3d8c3ac5063a7e7b512e9ba47

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Integrity
v4.public.eyJjbGllbnRfaWQiOiJraW1uZTc4a3gzbmN4NmJyZ280bXY2d2tpNWgxa28iLCJjbGllbnRfaXAiOiI4MS45NS41LjM2IiwiZGV2aWNlX2lkIjoiMmQ1ZjNlNTJmNTNjOTQ2NCIsImV4cCI6IjIwMjMtMTEtMThUMDk6Mjk6MzFaIiwiaWF0IjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJpc19iYWRfYm90IjoidHJ1ZSIsImlzcyI6IlR3aXRjaCBDbGllbnQgSW50ZWdyaXR5IiwibmJmIjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJ1c2VyX2lkIjoiIn0pIlaa3NkZH39TOXgOjcwpxU3yobvFuDUDgM6RNeb0_lvm5HZMfl03D-cYyZssqFg0cO7zYUs0KF8OAPveST0H
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:32 GMT
Content-Encoding
br
Connection
keep-alive
Content-Length
253
Content-Type
application/json
deflate.min.js
live.primis.tech/main/js/ Frame 4908
13 KB
8 KB
Script
General
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:08 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64db4a50-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
qUUtIbBndmPhMOy8UoIQNFsRrMPgcjxniNZou8_gEbjec-geSGva_w==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame 4908
39 KB
20 KB
Script
General
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64d0ac41-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
hQgrTLIbnuVKglyPmygUiExv2qw1Vo_VavMRrnXq0CLQ0b1dYVMbzQ==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame 4908
64 KB
21 KB
Script
General
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64d0ac41-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7kia7o2cBexhjeXr0-uusGvhoNOlOutGC2K1KaIYwA_6_995uXBKOA==
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 4908
19 KB
8 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
fWEx47127thfk5b4_stlqBXCQ9bnwoQaUEHju2aTtCWdRe7ChfJZ2A==
expires
Sat, 16 Nov 2024 17:29:31 GMT
DetectGDPR2.v1.2.js
live.primis.tech/content/ClientDetections/ Frame 4908
8 KB
4 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.2.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0fec52a54d0ba3b284b34c52b7dbb54cac2c673a14c259320d98782576cf0ac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 09:17:12 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"653f7498-2151"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZCeioIPz5-MDwYbpKhRX60rtdKENMzBQpknGzDNcaalW9o8XQpG36g==
expires
Sat, 16 Nov 2024 17:29:31 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4908
8 KB
3 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
NPM86j-yM7XYmzyCZXD0VNnpKD0t-3ocaabEnAzjLnzA7rIVfT0LbQ==
expires
Sat, 16 Nov 2024 17:29:31 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 4908
258 KB
115 KB
Script
General
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
B8WEtbKsnEgIHRrVwSpmPweT8SjAzCJ_aX_8VgU8ghuDuOmFg69BLQ==
expires
Sat, 16 Nov 2024 17:29:31 GMT
prebidVid.7.16.0_18.min.js
live.primis.tech/content/prebid/ Frame 4908
527 KB
264 KB
Script
General
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
de495615086d5c815a2b07dddb246c9ad6ca96f6f44de4975424586b5b91fbe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 09:16:09 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"65548c59-83ac7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sfZs1wzejIPzQW7BlWBlLYzN_Cd50jaBp_HlufUfMrcPhwVwt4BYAQ==
expires
Sat, 16 Nov 2024 17:29:31 GMT
liveVideo.php
live.primis.tech/live/ Frame 4908
568 KB
225 KB
Script
General
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D31375F31397D7B7331373233343032397D7B4335377D7B536432686C636D5670633368316369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31333931397DFEFE&userIpAddr=2a01%3A4a0%3A2b%3A%3A9&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&kv_enc_1=url%3D%2F&isWePassGdpr=0&schain=1.0%2C1%21network-n.com%2Cpa_3f116400%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700242171&csuuid=6557a2fb9377c&debugInfo=17234029_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17234029&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2f93qxmlshvy&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=13919&flowMode=seenboth&isRealPreroll=0&playerApiId=netw0rkN&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwhereisxur.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_3f116400,1&playerApiId=netw0rkN&cbuster=1700242168333&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&s=111054&cbuster=1700242170&pubUrlAuto=https%3A%2F%2Fwhereisxur.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkYlMjIlN0QlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ea01f25b5e356cabd0e986152cb3b58943a497c3516a1201e4536c83554b8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sIRDMUxDAtZuNDVimcqOdLlC9zThhCuvDgB8rlIJJneyo1EIHQuKeg==
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-integrity,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
447
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:31 GMT
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame C4A2
1 KB
1 KB
Fetch
General
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=26301
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/Notice.cfd37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/
Resource Hash
3981d810e25806d10935afc217326812079779cfe50162ef4f0cd4eb0126a1c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
340
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
XXw_3fktUGX18gQcoDJJ12duZGCP2wR89eAUriwrIQJ-nL6Oy2Mypw==
pixel-logo.png
whereisxur.com/wp-content/uploads/2015/10/
95 B
481 B
Image
General
Full URL
https://whereisxur.com/wp-content/uploads/2015/10/pixel-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba78444bfbd7c20f571088bc949f4d6f0fc0a30dcc92e42bccc821c3216abbef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1420840
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
content-length
95
last-modified
Wed, 02 Aug 2017 03:17:22 GMT
server
cloudflare
etag
"59814442-5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xX%2Fn0P0e4VDfapynKUurOYBWwWiyJkvGv0C36Bv9ukonFJX2fswRttYV7AAWn2v39%2B%2BiSJfdciA1Nt86T%2FtfLUgRkL4n2FxA4u13YBg7rFA8JchXwecbO1ZvebiLK0sifOaujCsX7%2FotMrt8xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8279b246dedc9b3a-FRA
expires
Thu, 31 Oct 2024 06:48:51 GMT
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame C4A2
1 KB
1 KB
Fetch
General
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=26301&consentLanguage=en
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/Notice.cfd37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-116.ams1.r.cloudfront.net
Software
/
Resource Hash
3981d810e25806d10935afc217326812079779cfe50162ef4f0cd4eb0126a1c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=873366&consentUUID=null&requestUUID=87826061-c531-4631-b7ce-714b5232df53&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
341
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
-tzLCohyICkd9k2g7fs8oMfjDD4Gsm40ktrZZIoqlCVsujhzWS6DOA==
PubCol_Powered.svg
kumo.network-n.com/images/ Frame C4A2
5 KB
3 KB
Image
General
Full URL
https://kumo.network-n.com/images/PubCol_Powered.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
2f1ac97daf011cd6244f37431bf0fc452cbb8d48fbab70f28cf1274b321022e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/03/2023 15:04:14
cdn-pullzone
411106
last-modified
Tue, 24 Oct 2023 14:37:25 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6537d6a5-15b3"
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
15250acaba1ac1a31bb381b2d7f144d0
cdn-requestcountrycode
DE
cdn-status
200
expires
Sun, 03 Dec 2023 15:04:14 GMT
ea5627aa-bbf0-4efd-a031-232284d055bd-profile_banner-480.png
static-cdn.jtvnw.net/jtv_user_pictures/ Frame 46E6
317 KB
318 KB
Image
General
Full URL
https://static-cdn.jtvnw.net/jtv_user_pictures/ea5627aa-bbf0-4efd-a031-232284d055bd-profile_banner-480.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a71e4478f3159e44575ede4e16715f0e67f9d159f7ce06fcaddb06fa6dca7f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:57:50 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
8498
x-cache
Hit from cloudfront
content-length
324400
last-modified
Thu, 16 Jun 2022 21:07:36 GMT
server
nginx
etag
"81c1b9900add5e6c6b4f900c015671ba"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
jjmOSQQ3QeGRZZvQuCRWPvCNsrD5B3L7wYVZZUXkbtQjJFz2C46VkQ==
expires
Fri, 17 Nov 2023 19:07:54 GMT
thumb0-320x180.jpg
static-cdn.jtvnw.net/cf_vods/d1m7jfoe9zdc1j/3b9656ea75494cf58bbb_whereisxur_42037747785_1700236835//thumb/ Frame 46E6
14 KB
15 KB
Image
General
Full URL
https://static-cdn.jtvnw.net/cf_vods/d1m7jfoe9zdc1j/3b9656ea75494cf58bbb_whereisxur_42037747785_1700236835//thumb/thumb0-320x180.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9353007d3d2802f7f33574031231b92924525b2aa7190c28d154d1cecdf08499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:27:20 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
132
x-amzn-requestid
e707f940-f5a3-4981-b448-442f03c66d13
x-cache
Hit from cloudfront
x-amz-apigw-id
OjZShHGLPHcFVAw=
content-length
14331
last-modified
Fri, 17 Nov 2023 17:08:48 GMT
server
nginx
x-amzn-trace-id
Root=1-6557a276-10f7126dd1fb21b414339342;Sampled=0;lineage=52d5fd54:0
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
yQy64kQdl4iZ-ZtgK8esOLZzYaeuUOGLfC29aRSXnptAIU7YXG1zug==
expires
Fri, 01 Dec 2023 17:27:20 GMT
Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCf...
video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/ Frame 46E6
0
0
Fetch
General
Full URL
https://video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCfwICI3y7KugiedBPhy-knnOpFvx65v9h17I0_hpXJq_eHz1uCYkg1UVPh_JFGuuAaH9rKabqHK5z-aaVvbZbDaK8ovwkcr3uA27jy15tj2qqryIeO28NN0g-gy7-I24XkTObD_v2oKrWweLtiVurd2iaVqNHAoO5xkaacafcRE_1mcZFBNw5uopM5mz4G3xQL6JnLTq9pVw0fUym7K7aQyKa1QdyHZeH6eRcYqCI4kSBHK58-xuxcKT2uhvlR1pzbMa784-iRgQ3ySoENWv_5L0Xcanf1sRukokFG970ZJMhi4oEjJ_rtivg7a46p1PzQx36Tmfd1QiuOIPZ87OXLzPWP9JNzeovo7KhZQIZMZLYxZZhTWujA4SdbPz5oJ0w8Jqk8guCJ3Sdc_8vnPN2ve-EvHUWjTKTrcRWd25fM5JEaGLg4BQy6XVeOcp76BwRUQLVK40GfUT0USbDg6JqeiK878BBXgnXEqIwopj07M-mh8h07FJ50urRI4k4qasgSLVjAdObiwep03f3B6RoqoweJPwx6ok_U1dbjBa96ihC7_RywYyNZJ7MpWKTkpm.ts
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.132.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-132-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://embed.twitch.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:32 GMT
vary
Origin
access-control-allow-methods
POST, OPTIONS, GET
gql
gql.twitch.tv/ Frame 46E6
438 B
441 B
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
761ab284d01584503082019cbbbdc641a54b4fb7db3c636e563c6e709cb6adee

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Integrity
v4.public.eyJjbGllbnRfaWQiOiJraW1uZTc4a3gzbmN4NmJyZ280bXY2d2tpNWgxa28iLCJjbGllbnRfaXAiOiI4MS45NS41LjM2IiwiZGV2aWNlX2lkIjoiMmQ1ZjNlNTJmNTNjOTQ2NCIsImV4cCI6IjIwMjMtMTEtMThUMDk6Mjk6MzFaIiwiaWF0IjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJpc19iYWRfYm90IjoidHJ1ZSIsImlzcyI6IlR3aXRjaCBDbGllbnQgSW50ZWdyaXR5IiwibmJmIjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJ1c2VyX2lkIjoiIn0pIlaa3NkZH39TOXgOjcwpxU3yobvFuDUDgM6RNeb0_lvm5HZMfl03D-cYyZssqFg0cO7zYUs0KF8OAPveST0H
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:32 GMT
Content-Encoding
br
Connection
keep-alive
Content-Length
254
Content-Type
application/json
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-integrity,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
308
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:32 GMT
572
a.ad.gt/api/v1/u/matches/
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/572?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwhereisxur.com%2F&ref=&_it=amazon&partner_id=572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bd4bb90eb416c194ee26f808ee2edec03706c98bfc052c7394a77309bc1e1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 17:25:19 GMT
server
cloudflare
age
253
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8279b248ba4592a1-FRA
primisslate.css
live.primis.tech/content/video/css/
18 KB
7 KB
Stylesheet
General
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D31375F31397D7B7331373233343032397D7B4335377D7B536432686C636D5670633368316369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31333931397DFEFE&userIpAddr=2a01%3A4a0%3A2b%3A%3A9&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&kv_enc_1=url%3D%2F&isWePassGdpr=0&schain=1.0%2C1%21network-n.com%2Cpa_3f116400%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700242171&csuuid=6557a2fb9377c&debugInfo=17234029_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17234029&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2f93qxmlshvy&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=13919&flowMode=seenboth&isRealPreroll=0&playerApiId=netw0rkN&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwhereisxur.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:38 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"647db3ea-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7lTqyCDQ0g1PUkiGSn0bnHmQIYZOF1am9iYCxJlmvW5euXdxgFu4FQ==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4908
267 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D31375F31397D7B7331373233343032397D7B4335377D7B536432686C636D5670633368316369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31333931397DFEFE&userIpAddr=2a01%3A4a0%3A2b%3A%3A9&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&kv_enc_1=url%3D%2F&isWePassGdpr=0&schain=1.0%2C1%21network-n.com%2Cpa_3f116400%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700242171&csuuid=6557a2fb9377c&debugInfo=17234029_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17234029&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2f93qxmlshvy&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=13919&flowMode=seenboth&isRealPreroll=0&playerApiId=netw0rkN&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwhereisxur.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:34:38 GMT
content-encoding
gzip
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
3295
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
72ZjbopZyjHXHpRNSyMnq5KfA1yDQR0q134gcNIb7WT4r0pOyf2Hqg==
css
fonts.googleapis.com/
2 KB
585 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D31375F31397D7B7331373233343032397D7B4335377D7B536432686C636D5670633368316369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31333931397DFEFE&userIpAddr=2a01%3A4a0%3A2b%3A%3A9&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&kv_enc_1=url%3D%2F&isWePassGdpr=0&schain=1.0%2C1%21network-n.com%2Cpa_3f116400%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700242171&csuuid=6557a2fb9377c&debugInfo=17234029_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17234029&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2f93qxmlshvy&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=13919&flowMode=seenboth&isRealPreroll=0&playerApiId=netw0rkN&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwhereisxur.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 16:41:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 17:29:32 GMT
liveView.php
live.primis.tech/live/ Frame 4908
94 KB
11 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlODU4OCUlRaZcZGViXmYjOWJuZTZuODRyMTt1MmA2Mmt0ODIyMxZ2nWQ2NTU0ZTVvZTqvOWYlNTpjODplMwx2Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6STROVGp0TDNnpFcHVaZYryy3T1qKnFcUWzuPRFJfTVRaMU16QTJNrzpjT0RJqzRgoGgOnyUkTxqVMVygVTNZnzkgTWcVM01EZmNNnxx1Tzx1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EQXqPRFUlTURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TURJNE16TXqNQXA5LwVzpax3TUNSVC03RGqxR1xkn0qVrDBKoE9mWaVcoWyEVHVkNHcJMxkeRwAzqzyxX2NioaRyoaRsnWQ9Mmt0NmI2NlZ2nWRsY29hqGVhqF9xZXNwPUNbqWNerSgwo21yplg0olgEZWFxK2J5K0RurWkcZ2u0JaZcZF9wo250ZW50X3RcqGkyPUNbqWNerSgwo21yplg0olgEZWFxK2J5K0RurWkcZ2u0JaZcZF9wo250ZW50X2R1pzF0nW9hPTU2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTElMTp5Jat9MmUjJax9MTx3JaB1YyVloD1bqHRjplUmQSUlRvUlRaqbZXJynXN4qXIhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMkMmElRDMkMmp1RwMkMmx3RDqCNmMmMTM3MmImMmM0MmAmMwM5N0Q3QwQmMmUmNmqEN0I1MmY0MmI2ODZDNwM2RDU2NmA2MmMmNwtmMTYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNEMmMTMmMmxmMTM5N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaqbZXJynXN4qXIhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMzIyM0EyM0E5JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMTxhMC42MDQ1LwE1OSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFhZXR3o3JeLW4hY29gJTJDpGFsM2YkMTY0MDAyMxMkJaBfYXyypxFjnUyxPW5yqHpjpzgOJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1NTquMzZvOTM3N2MzY2J1p3Rypw0kNmAjMwQlMTplMmE4Jzg2X2VhY18kPXVloCUmRCUlRvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D31375F31397D7B7331373233343032397D7B4335377D7B536432686C636D5670633368316369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31333931397DFEFE&userIpAddr=2a01%3A4a0%3A2b%3A%3A9&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&kv_enc_1=url%3D%2F&isWePassGdpr=0&schain=1.0%2C1%21network-n.com%2Cpa_3f116400%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700242171&csuuid=6557a2fb9377c&debugInfo=17234029_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17234029&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2f93qxmlshvy&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=13919&flowMode=seenboth&isRealPreroll=0&playerApiId=netw0rkN&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwhereisxur.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
539dafd024f16c8926e15e864e8da3f93e3560cdd5ac411ca2ba86dc5f29ad5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
11207
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://whereisxur.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
zrFTRXqgCrZLLVOKtnxX5NYCoO1-uvv8JEu5s-3Fye725JzRDZ-mnw==
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/
443 B
1 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dff98bad9db2e356ecc83f0b125d0c3e691a923048bbd03572b3a6c757b7f7cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:27:45 GMT
via
1.1 1654fbe9176188c45d0b894b1eaf5aa0.cloudfront.net (CloudFront), 1.1 93d70a809cf3aeccfbe0810f5e50a6fe.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LHR50-P3
age
3707
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
443
last-modified
Wed, 15 Nov 2023 15:39:09 GMT
server
nginx
etag
"5898eb2b2ed3f5e1783533cfa17c5e60"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
4mhwxOdk-OcvresmX5yjtIqHsOKLFyTgJ6DLQ3vkYDpczVPYaDrlbw==
expires
Sat, 18 Nov 2023 16:27:45 GMT
liveView.php
live.primis.tech/live/
0
343 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpjMDI0MwE3MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEkMDU0JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXqbZXJynXN4qXIhY29gJaN1YxyxPXqbZXJynXN4qXIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMTJEMmEmNmVGMmEmOTqEN0I3MmMkMmpmMwMmMmQmMDMlMmx3RDqCNDMmNTM3N0Q3QwUmNwQmMwY4NxM2MmZENTY3MDYmMmM2ODMkNwM2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmMmOTMkMmx3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MzEjMSUmQTRuMCUmQTJvJTNBJTNBOSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTxhMC42MDQ1LwE1OSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwU1N2ElZzI5Mmp3YlZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNmAjMwQlMTplMwp5JaVcZD1TZWgcozRiU1BfYXyypwY1NTquMzZvZDJxOWUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq2uypzVcp3u1pv5wo20yMxYzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1jpzVvnWQzpHucZD0mYTMlYTY1NmNvNDE0YmFvMDRvYzFzY2Q0YTFzMGU0NA==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
FRA60-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Tc9BNgpcSRKwsM3clembmxQMGYVLq2Nw0lewlZaF0gVemskCZWKD1Q==
vid6554e5be7b9f2570872296.jpg
video.primis.tech/uploads/cn1/video/users/converted/28588/video_609bae6a84e18530638482/
23 KB
24 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.jpg?cbuster=1700062808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b5401418c9e294a9be8a00fb66139a2eb82eb04cf5c5d0ab85ec7acd14157435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 17:40:58 GMT
via
1.1 007ce3e1b06f57ef1a8d55f0923f723c.cloudfront.net (CloudFront), 1.1 e963d9388521b938ab0c2d19e2400bee.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LHR50-P3
age
85714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
23729
last-modified
Wed, 15 Nov 2023 15:40:09 GMT
server
nginx
etag
"20b20f495fa0c3f5f3c43e5299d1081b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
TvVreijzT302CDW6gS8C9HAdDv_1VVDQHv5TrVGVQUI9X1wkaYnQoA==
expires
Fri, 17 Nov 2023 17:40:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://whereisxur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:45:25 GMT
x-content-type-options
nosniff
age
355447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 14:45:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://whereisxur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options
nosniff
age
323961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 23:30:11 GMT
liveView.php
live.primis.tech/live/ Frame 4908
159 KB
15 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlODU4OCUlRaZcZGViXmYjOWJuZTZuODRyMTt1MmA2Mmt0ODIyMxZ2nWQ2NTU0ZTVvZTqvOWYlNTpjODplMwx2Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6STROVGp0TDNnpFcHVaZYryy3T1qKnFcUWzuPRFJfTVRaMU16QTJNrzpjT0RJqzRgoGgOnyUkTxqVMVygVTNZnzkgTWcVM01EZmNNnxx1Tzx1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EQXqPRFUlTURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TURJNE16TXqNQXA5LwVzpax3TUNSVC03RGqxR1xkn0qVrDBKoE9mWaVcoWyEVHVkNHcJMxkeRwAzqzyxX2NioaRyoaRsnWQ9Mmt0NmI2NlZ2nWRsY29hqGVhqF9xZXNwPUNbqWNerSgwo21yplg0olgEZWFxK2J5K0RurWkcZ2u0JaZcZF9wo250ZW50X3RcqGkyPUNbqWNerSgwo21yplg0olgEZWFxK2J5K0RurWkcZ2u0JaZcZF9wo250ZW50X2R1pzF0nW9hPTU2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTElMTp5Jat9MmUjJax9MTx3JaB1YyVloD1bqHRjplUmQSUlRvUlRaqbZXJynXN4qXIhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMkMmElRDMkMmp1RwMkMmx3RDqCNmMmMTM3MmImMmM0MmAmMwM5N0Q3QwQmMmUmNmqEN0I1MmY0MmI2ODZDNwM2RDU2NmA2MmMmNwtmMTYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNEMmMTMmMmxmMTM5N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaqbZXJynXN4qXIhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMzIyM0EyM0E5JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMTxhMC42MDQ1LwE1OSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFhZXR3o3JeLW4hY29gJTJDpGFsM2YkMTY0MDAyMxMkJaBfYXyypxFjnUyxPW5yqHpjpzgOJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1NTquMzZvOTM3N2MzY2J1p3Rypw0kNmAjMwQlMTplMmtjJzg2X2VhY18kPXVloCUmRCUlRvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D31375F31397D7B7331373233343032397D7B4335377D7B536432686C636D5670633368316369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31333931397DFEFE&userIpAddr=2a01%3A4a0%3A2b%3A%3A9&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&kv_enc_1=url%3D%2F&isWePassGdpr=0&schain=1.0%2C1%21network-n.com%2Cpa_3f116400%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700242171&csuuid=6557a2fb9377c&debugInfo=17234029_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17234029&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2f93qxmlshvy&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=13919&flowMode=seenboth&isRealPreroll=0&playerApiId=netw0rkN&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwhereisxur.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a76826ca1c189687ef0332e7772049eba3fa15fb151c68580f3a455b6bf390a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
14569
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://whereisxur.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
hUNr-hes1_FeVKUtA7XozmZjU_f-2Tmh0eZF9RvrPkGMt9Hpva-ERQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4908
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
date
Fri, 17 Nov 2023 08:08:11 GMT
x-amz-cf-pop
FRA56-P3
age
33682
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
NVlxOzhOPm36DsocSEeURNZL0ucoy_fqNQ2rl81XRQDVsOcdaiuZzA==
Roobert-SemiBold-2c9de19c87721c9bcb39.woff2
static.twitchcdn.net/assets/ Frame 46E6
28 KB
29 KB
Font
General
Full URL
https://static.twitchcdn.net/assets/Roobert-SemiBold-2c9de19c87721c9bcb39.woff2
Requested by
Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-6c4b990a05bbab0e5a5e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fad8328cacab619d02d3bda1c976adb0f7d45322a441d032dce13a97d8927372

Request headers

Referer
https://static.twitchcdn.net/assets/everywhere-main-6c4b990a05bbab0e5a5e.css
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 08:25:53 GMT
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
4525419
X-Vicarius-Region
fra
X-Vicarius-TransactionID
117776580
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28948
Last-Modified
Tue, 23 Feb 2021 20:18:45 GMT
X-Vicarius-Hits
-1
ETag
"df85158a0012c224b0216b7a2b287cdc"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
cANBIRLGv23Yhh6kIfrUEZQ7XIJBIycXoIrePbFx6a7A-0tYdxeCVw==
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/
413 KB
414 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9fb81e868be5805e1144235dabf38abd4774653abccf6dc4553e6d2a7b05ee77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:46:34 GMT
via
1.1 fddeb097bdbf2e427754f44bdb16203c.cloudfront.net (CloudFront), 1.1 93d70a809cf3aeccfbe0810f5e50a6fe.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, LHR50-P3
age
2602
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
422436
last-modified
Wed, 15 Nov 2023 15:39:09 GMT
server
nginx
etag
"c8f4223d404227ed5a9ada5de9d68ebf"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
dVJTZn1IyHEpMR3Ro197FDcvpBTEf9WJLh3wYlhFvse6sfloaZzE2g==
expires
Fri, 01 Dec 2023 16:46:08 GMT
vid6554e5be7b9f2570872296.jpg
video.primis.tech/uploads/cn1/video/users/converted/28588/video_609bae6a84e18530638482/
23 KB
24 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.jpg?cbuster=1700062808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b5401418c9e294a9be8a00fb66139a2eb82eb04cf5c5d0ab85ec7acd14157435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 17:40:58 GMT
via
1.1 007ce3e1b06f57ef1a8d55f0923f723c.cloudfront.net (CloudFront), 1.1 e963d9388521b938ab0c2d19e2400bee.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LHR50-P3
age
85714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
23729
last-modified
Wed, 15 Nov 2023 15:40:09 GMT
server
nginx
etag
"20b20f495fa0c3f5f3c43e5299d1081b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
iCQAVn93I30bPqKNQow0El7b6NvVpaYVBEVD1NXATk95Z15YhmkJow==
expires
Fri, 17 Nov 2023 17:40:58 GMT
1b73c5b9-3421-4a1a-87dc-bf121cc4f03b
https://whereisxur.com/
67 KB
0
Other
General
Full URL
blob:https://whereisxur.com/1b73c5b9-3421-4a1a-87dc-bf121cc4f03b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
968a0f5c-e5ed-4ba9-bf43-8be1f5b68988
config.aps.amazon-adsystem.com/configs/ Frame 4908
537 B
802 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/968a0f5c-e5ed-4ba9-bf43-8be1f5b68988
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
8d5f1b6f3f1296acbdcac2044d57a82324af86d9e67da95100950d1a2e7789f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:01:33 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1679
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
4L4yBx_aGbhzn0IlNKrl0tDINdwRzQK1FNSAbMChpZi43uWju6ovig==
config
c.amazon-adsystem.com/cdn/prod/ Frame 4908
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwhereisxur.com&pubid=968a0f5c-e5ed-4ba9-bf43-8be1f5b68988
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
43d01d86dab8ab7a8f0181a0f7f6fc024e2648a42d5e91ba67d04e446b50e236

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 13:02:08 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
16043
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://whereisxur.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
iFVaZJaMsW1V1rXnJN6ZCWJT-bgITrbvmS7hwKZlj4oa-0NhcqlnUg==
v1
btlr.sharethrough.com/universal/ Frame 4908
0
156 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.250.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-250-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://whereisxur.com
date
Fri, 17 Nov 2023 17:29:32 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame 4908
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.250.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-250-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://whereisxur.com
date
Fri, 17 Nov 2023 17:29:32 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
prg.smartadserver.com/prebid/ Frame 4908
1004 B
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
c9d40ce2ffd160f99a1779168fba4773168986f866ba15cf1373b9bdbaea1fdd

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://whereisxur.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4908
185 B
471 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b36817a8f663f15268e57f1239930cdd703c6cacdbb7a4f5e5f75aaa56ae1b0c

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://whereisxur.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
openrtb
adx.adform.net/adx/ Frame 4908
0
531 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
hbjson
grid.bidswitch.net/ Frame 4908
24 B
365 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.190.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-190-56.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80910ee92e847e4c1e7253da9b87d93570b24b5cc905a10a41707ff5212484a9

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Nov 2023 17:29:32 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/ Frame 4908
37 B
550 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2212b93f3327bb913%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwhereisxur.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwhereisxur.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F111054%2Fwhereisxur_com%22%2C%22adunitcode%22%3A%22adUnit_13%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221344e7595d6a11f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22tid%22%3A%22bb3d4f1d-5455-4f72-b8df-ba296b1f0fc6%22%2C%22sid%22%3A%22350x197%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F111054%2Fwhereisxur_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B350%2C197%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C11%2C12%2C13%2C14%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A350%2C%22h%22%3A197%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22network-n.com%22%2C%22sid%22%3A%22pa_3f116400%22%2C%22hp%22%3A1%7D%2C%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2228588%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a9558d17-6ffa-4bc1-b04c-0f62e2d0b6f9%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb58c3395f4ebf567fdc5ce79ae7f6f3e2f0171bb9a72f4b44abc77f8815473b

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91ej%2BsRQj6lWHkG4w6U7KSGWXtDqYttayQd40i%2FzmvNgWCGo5nKP8QqynS0EmKBp3ERPU115pdOoR3tBMEYJjM9nG%2BUUwbHtub8rXcgQkaLVA3u%2BZ%2BOme9EXGA8rRy%2FLNDzHpcTe"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8279b24af9fb2bae-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
liveInternalSsp.php
rtb.primis.tech/live/ Frame 4908
25 B
510 B
XHR
General
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgWygi2mbS%2FwUBqu8v6GJJ1zMhkm3Zx%2FYETqM%2BFcRE22kxUUgSfZNss4YUKVK2xgZrcjvjMQmZ4aBGp%2BPHv%2BYxPT8JjjsM4HbSaXX%2FijqrLO%2FDC7vhSH1Olb7fq015%2B%2FTUpltBBW1eMrtwvKwjNn67kfDXmrihPwT3S01P%2FJP0UapucqDNUWl6YoJY6tpEWqb18tYV%2BEdeBgq46fqA0abe6csHByiLEFpvFPzByJwrVNBauWgu%2B0UqzTQ9W4w8AP5NxC8Vm2VwqJo1tunYGu3x02UTdcbyCw9t2fh4%2FKPiX%2BIHUzDRP1A3v4243KKbmikrUKVL53yG19jJVeFxqKW6KmLyPrUodUib25NA%2Fg%2BWhg6vqxc9cCWh%2Bw6O1K%2BYpUJ1LOEn%2BB4EZfvL6anOCgElR72gPupt%2FkPd9B3SWmDdoAGB6Exs6ROcKaQSmzL5LP9siUH%2Bcl9jUScExHf%2BEJJJ93rTTP4NP2qNU%2BFiOP%2BLtLkZHKVryEtRs%2F355rO1rdBsxXgQj%2F%2BAv3fdWS60I2qBxHz%2By%2FvT2AgvvLJ%2Fv%2BnIEUrOVeyCVgx48MIft9QkNMqXzTsJtc6CzzopA0BjUeyiJulMGQjf6Hwr1zXyZi5SvIneimP4ecrYYpI3LsMKhyJg9vG3twJ8k0oCDMQoRu5Q8XuDK1I8whiIo5BBtl0ScC%2BhnDMWswKHQO42PbmIEUJadTV3O%2Fi6mtmPMXPm7Vs90KCFDpGiMv3KRw8JjzxnLzwN3oR1AipN3lDOP%2FRppLWDcvtn7RJgc2k4VyuJV4uYB2medHhgpp6JfIng12hP43f5oto9OC5tyA5NjsSWgdljmFp3VysnoCaogx4OJHGpbaCrZ1GnFuncKyepamNUyjZ1YwyR%2FECfJKthfNEb1dvPN%2BIOQODK7n6zFw7Ud2amtcQrZQfLHzSHlVEPZXE8LYP0NJaP0rxxL4LT3J8Uc%2F48CXFY%2Baxlg2COLPbGpxIC7oceNkUllP2mddJePJjQS5l3v6g6TgxKvqFUyYEkAmYIAw%2Br6Ekf84cjvKpuugN4OgU8kqJGsWrrDujIBy8C4caQ65wWtLoosxEpxEjLdLFYU3Z%2FWt%2BTj3Fqt75H8lBIJaK21iSyRvPyHzwZEqfjfvLpE7uQx%2FvOUG3tzLwO23cbL1j%2Fmw5oW9GdQWRRG9OUAyM%2FlZSmTYNtdLu3J0eNNWP4ikrbOYxhjnQ4aME1MTQIQXScJSVd%2BRCrynbkSMMbSmLeuYouaJSsOG%2Bh6uJiBfatpPnk2hYiMTII3OUe%2Flmll75RS2Jq29v8AKRowMQWdsrrlL9J8v6sY6hvnXNq0v2M98F4t8aAjybgMKgRqq4%2BYaY3NuNt8If7j80ZktBYhBdxGSd70n6wP00StkiFzNb54auWUnbD6ag6vABdhG5fEBO1O0YvGGo9ZPFjh0QG9lQYr1M7Lm%2FR2c1Qb2AKy9QJrJh78plCUIGGpXw%2BeDiUHIUB8HcoNQpc5lMGET6wAHqXNRpMI%2BWi6GlOKt56%2F79wjx%2BW7JcpeBlSwqAUQdb2Ns87QaSSquAvTzLsow%2F2R4tu%2F9gBvM7pV0QI1hnxbHXD6A9pvBqtIxlTVAs7F2FCo8u%2BBuNOLb%2FAuNkiGa0KgqN1aAb7xpulh9O8JEZZ6KD%2BFftEAnBi4K4RaiB3q1T4qxpuN0v167RhSDxeWf5u5Fez69yqyE2l8NN%2FDfQcjLpkaNIrsprcV8OcSTr1HAGayKQRaMbpIj7BKZs%2FDrGUMip1pWe5KJYeGMMiQVTf%2BkbgwjgRtq2xiAkRhC4oCfoq8U92C68TG8MJ2CxPhRrjwUstrGbGN3DqAuMw4b92R0C7B%2FiMda8I%2B5Vq%2Fzg21OmBstoJr5AAtRYhuMqcEgaj7rmXBy0OWQ4%2Bfk58k9yXkgx4yGhJY%2BBfJ2xHZ%2BEMMoXow%2F1kqfw%2FqaC2M%2FpVpRYOePAGolCm68WLWJgN5NLe6Fvo7Qh1cl0%2FyqC6yq%2Bz2nglT9xE53HqzSK4djnPa0QmOHv8mBIstw0dqY1HcpezQ6XvoVCHyxNybV2MVW17lggnNVidIXtKJ%2FT74dyt7ThpPtha2eYkODUnlSqExTcNOQKpKxxwpBca9h3LIXDd8e8uOFXziz%2BiD9urkjG8BeQk3T7D8%2BMEyhMioK%2Fg8q%2Fi314oy77D1O%2BFdUylLJuSxxZtnhbpKk8CUl7%2FG4IcZr4ejcRpIWkr3FyPJidy2XFXrmoykfDJkfKfrc7FvMEetwwObBjyGsc7D3mQ7jPr8rE34jOpou0JH5SxXXlAGpf5TgtsHjo8ojtsyLzivA8tQL5pL16CvAQ%2Br0GEViyaEGFBYApvYDDgoblpJ88tt2bOkULqQ589RAet9U9zd%2B5QrVgRc8BbIbrSWhbpfvq6ZeGueX8Hx1pDx1SgoY8BJyLSGJvx9eDvIDBk%2BN8SzEumXkFMVuvdxDkIiWrQJPKadZzBw7bVCh1zZ2l1YTMSvck6jiTv7zhY%2FrafZQezxIN4zdVQZKtOCj%2BBB7Ofry9e%2FCZ4MPlNYo3bpjk8YMeNkt%2BjDrNwDzCljzJJwqokrqLmLccB6Gp3am%2Bd4gnh8flcpimhhcXji1qQ4VYIKAMVcfoNuecGD2QuZ7JeOJyg3ReKef67e620Q8YkB84tBJt6bEGq4qy5pKezPqOPCmaNQ835V1S1sW6bCK7Ilx0W7SKjZ9XYx3KbGAVj0HV4fk8Ile5uhDRocq%2FSCTtsyCBCcXiZMdrAT4qkuToD9e56aWGOkTWcMVQIC%2F22TZOdYnfWBYpjtun0fxZItgRLHemIpSusHfb1wBk8EbHU%2BlE1tQrlC4kVb24OgoJzbMXapv4P%2FJ6IGcPe9uGcqsG9dW%2FXrfxGNApU1YXfwaz3AwAM6fLR0D6I0dBZ5%2FU%2Fg0ewfQ%3D%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://whereisxur.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
wqnl9HbE4b_a23yNEVGAUt9BE8VucCQcbE_YksagjzE0B82MiS8FWg==
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4908
67 B
415 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=30709922&componentId=prebid&componentSubId=mustang&timestamp=1700242172589&_fw_bidfloor=0.8&_fw_bidfloorcur=USD&pKey=-1762434722&_fw_gdpr_consent=undefined&_fw_gdpr=false&_fw_us_privacy=1---&schain=1.0%2C1!network-n.com%2Cpa_3f116400%2C1%2C%2C%2C&loc=https%3A%2F%2Fwhereisxur.com%2F&playerSize=350x197&video_plcmt=2
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 17:29:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://whereisxur.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700242172701092-334
bid
aax.amazon-adsystem.com/e/dtb/ Frame 4908
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwhereisxur.com%2F&pid=b4ELZnPwXy97w&cb=0&ws=1x1&v=23.1108.2350&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A80%2C%22id%22%3A%22videoSlotOutstream%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!network-n.com%2Cpa_3f116400%2C1%2C%2C%2C&pubid=968a0f5c-e5ed-4ba9-bf43-8be1f5b68988&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
MFAM6AKP6J8KXMQQ8P6T
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://whereisxur.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ydmQ5vydvC-r9PwE3g-TTZyyNeC5glmcFk14xZiaJQ44HwjScwvbJg==
segment
api.permutive.com/adv/v2/
37 B
101 B
XHR
General
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4a47a835a501c267d135dd61972c0552dda7c94feb409c74eebc926340f8d43f

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:32 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
application/json
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 4908
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 17 Nov 2023 17:44:32 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 4908
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-39.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 4587dd93b6f56d2b3f35f25ef2cabe70.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
40842
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
MsCL0FkmGVkOPrjMX3mS0Jqy_P8yzIJL4H0B_2vwb0mA2D8WVbnjyQ==
hadron.js
cdn.hadronid.net/ Frame 4908
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwhereisxur.com%2F&ref=https%3A%2F%2Fwhereisxur.com%2F&_it=amazon&partner_id=572
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
1632
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8279b24afe64924a-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 4908
154 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: whereisxur.com
URL: https://whereisxur.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
FXD5W0ZF7TED0SAQ
age
3486
etag
W/"391026e5958781dc657c57860854abcb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8279b24afc272c6b-FRA
x-amz-id-2
g2T0qSUW32YhYbYNClC4ExTrW+6Res8PeC3aCXIOKBKTLlONy5PIKE8Bpev+VexOtScYKluaygI=
features.community-points.components.reward-center-53ea23d5c9f1eab45e6c.css
static.twitchcdn.net/assets/ Frame 46E6
12 KB
3 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.community-points.components.reward-center-53ea23d5c9f1eab45e6c.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9f30fbff4739df789a1c0780726db8047d6f938c08fb6e1141c16073edac32d9

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 17:29:25 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
3110407
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
135239806
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 12 Oct 2023 00:25:57 GMT
X-Vicarius-Hits
-1
ETag
W/"c5622a212068a2612acf18c8ab004b31"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
6R3uvG29aQmZu8DhxbPxTdfZ_4zChw098fe55FLSLdrlOB4S9dH_9Q==
features.community-points.components.reward-center-e7a81825d0ac2a609c0c.js
static.twitchcdn.net/assets/ Frame 46E6
309 KB
74 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.community-points.components.reward-center-e7a81825d0ac2a609c0c.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e9f9e2ddc9d17d90d34de3e1fd1f0bd8e828d14243a1905d96ead586835e0939

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:36 GMT
Content-Encoding
gzip
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82796
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
170913076
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:25 GMT
X-Vicarius-Hits
-1
ETag
W/"8958a57f8bb3cbe9abfc75860522d757"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
4Lyvmnhi1Q5OtjJBM6_1Yi9uSe2bYFRPOexqQWCPU3SClwHhVwaV_A==
log_event
www.youtube.com/youtubei/v1/ Frame 77D6
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-Goog-Request-Time
1700242172635
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PLawdnUsoaZA0-S6QEH1wYFVJgOKI0xxJh
X-YouTube-Client-Version
1.20231114.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtTcGNxQU44R044MCj3xd6qBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals
dt=1700242168994&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C729%2C410&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 17 Nov 2023 17:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 17 Nov 2023 17:29:32 GMT
map
bcp.crwdcntrl.net/6/ Frame 4908
60 B
332 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fc969d00f9d7580d838302e9a78d3d559d1af95b48a5f24bd7481ea50ad80d64

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache
x-server
10.45.3.245
access-control-allow-credentials
true
content-length
60
expires
0
features.community-points.contexts.watch-streak-context.provider-8c97f9b327d916d8e800.css
static.twitchcdn.net/assets/ Frame 46E6
2 KB
1 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.community-points.contexts.watch-streak-context.provider-8c97f9b327d916d8e800.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
703b6b31a3f9e690101183b65316e55d718a6cb63df591e1c835de4e5a93660a

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 18:29:26 GMT
Content-Encoding
gzip
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
169206
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
169736101
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 15 Nov 2023 03:58:16 GMT
X-Vicarius-Hits
-1
ETag
W/"173e3aacabdee735318daa4206a7d917"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
Jafmmgqpqxlx7RU0Diba_dOk9Y09TMez_ArZpKeIpo9DOhIYRdvY8w==
features.community-points.contexts.watch-streak-context.provider-f8af06d3363898e170df.js
static.twitchcdn.net/assets/ Frame 46E6
75 KB
19 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.community-points.contexts.watch-streak-context.provider-f8af06d3363898e170df.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a1aa0a3ab46cd2c4d6fb378b0686641e95231b84731b4dd7cc35c498ed04ed3a

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:38 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82794
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171100911
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:27 GMT
X-Vicarius-Hits
-1
ETag
W/"492b842e47e990f34df801c3ace0c7c0"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
bRTvCAjDGD0MjAqrBVo_wKXevmqRls3SQuUAAuUVVE4_aOnCpW_Ycw==
features.chat-private-callouts.components.chat-private-callout-queue-6f085267cc96b5f77ee7.css
static.twitchcdn.net/assets/ Frame 46E6
3 KB
2 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.chat-private-callouts.components.chat-private-callout-queue-6f085267cc96b5f77ee7.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9fbd5cb0b8e5613304b5103acf4ef13fcc647b0dbecee8b91ea8ea7b8889bd58

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 07:02:53 GMT
Content-Encoding
gzip
Via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
10059999
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
50578342
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 28 Jun 2023 18:20:46 GMT
X-Vicarius-Hits
-1
ETag
W/"fb5ba1951272ede22106d1d684f64590"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
_saW9lH3GMH0P4fpVji4yOHs5Yt4l3ZAC4nRvwCerTwss6JbRZJOFA==
features.chat-private-callouts.components.chat-private-callout-queue-1c334f07106ca09aa0d0.js
static.twitchcdn.net/assets/ Frame 46E6
186 KB
36 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.chat-private-callouts.components.chat-private-callout-queue-1c334f07106ca09aa0d0.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
496331f132ec417a40bf2fd20d3c230e2a28bcdf9f25c51705bc9c8d2af4e433

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:38 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82794
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171004501
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 02:31:26 GMT
X-Vicarius-Hits
-1
ETag
W/"13330b676440797554158e68660b17c3"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
-QwngdVkdsM4tJHABJCmxDjXCwG7S5FbqlBp5jKftk7Desy3S-GZrw==
features.bits-bac91cc1cc42dca149ad.css
static.twitchcdn.net/assets/ Frame 46E6
7 KB
2 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.bits-bac91cc1cc42dca149ad.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
329a304e0c740eee44c108400f9852621c487b26199a28c82ed26e2aa0382092

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 17:30:19 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
1295953
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
155744670
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 01 Nov 2023 19:31:08 GMT
X-Vicarius-Hits
-1
ETag
W/"cc8c5594307584a22ba76ef1b24107e9"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
dnU9VmeJT5E-qaMGsfhhIRQVfMemfn4EK4dQjNWVkW3dPPVzRo9HLw==
features.bits-6228b303226ac4e6f263.js
static.twitchcdn.net/assets/ Frame 46E6
193 KB
42 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.bits-6228b303226ac4e6f263.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b494cb88d536d973909e640d9e06ac55f76132bb24c0ebac6c14cbb926df2762

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:38 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82794
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171002964
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:02 GMT
X-Vicarius-Hits
-1
ETag
W/"8857a808ebc92eed2ace754c884a8d5c"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
NQv0-WssggDh7DWBr3YQ75rEqPjgWumK1PGzqiTWTRhuIkPEikU-FA==
icon-1.png
static-cdn.jtvnw.net/channel-points-icons/402887032/eeb00cd0-339d-45f8-aa17-be0a09855076/ Frame 46E6
2 KB
3 KB
Image
General
Full URL
https://static-cdn.jtvnw.net/channel-points-icons/402887032/eeb00cd0-339d-45f8-aa17-be0a09855076/icon-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a337d82452c6ee0bee91099249c74b0e98d3f7054afb25a4938d734f1af3de9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:25:11 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
4704
x-cache
Hit from cloudfront
content-length
2450
last-modified
Fri, 20 Dec 2019 16:13:37 GMT
server
nginx
etag
"1988dcc0e9f9d8b4d6127741eb0285d8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
nR_tonbuIR6ZxkHVwsEgUUhGgvUtYPCRlAgwILRnkMl9v320m8s9fQ==
expires
Fri, 17 Nov 2023 20:11:07 GMT
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-integrity,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
308
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:32 GMT
gql
gql.twitch.tv/ Frame 46E6
294 B
379 B
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2fa06ecf6d3ce7834d4cbb4042d1757fe6186261f3ca2414cf372860eb6ea3b7

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Integrity
v4.public.eyJjbGllbnRfaWQiOiJraW1uZTc4a3gzbmN4NmJyZ280bXY2d2tpNWgxa28iLCJjbGllbnRfaXAiOiI4MS45NS41LjM2IiwiZGV2aWNlX2lkIjoiMmQ1ZjNlNTJmNTNjOTQ2NCIsImV4cCI6IjIwMjMtMTEtMThUMDk6Mjk6MzFaIiwiaWF0IjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJpc19iYWRfYm90IjoidHJ1ZSIsImlzcyI6IlR3aXRjaCBDbGllbnQgSW50ZWdyaXR5IiwibmJmIjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJ1c2VyX2lkIjoiIn0pIlaa3NkZH39TOXgOjcwpxU3yobvFuDUDgM6RNeb0_lvm5HZMfl03D-cYyZssqFg0cO7zYUs0KF8OAPveST0H
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:33 GMT
Content-Encoding
br
Connection
keep-alive
Content-Length
192
Content-Type
application/json
features.chat-settings.components.chat-settings.component-5f78f3dce19cbb76d81d.css
static.twitchcdn.net/assets/ Frame 46E6
6 KB
2 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.chat-settings.components.chat-settings.component-5f78f3dce19cbb76d81d.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
75eb43bcb7d2f76613b5ce78b01e26c6ce1ed2c28b6bc70608d8b030defa6f9f

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 18:04:19 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
5441113
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
106189191
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 24 Aug 2023 21:54:24 GMT
X-Vicarius-Hits
-1
ETag
W/"43d2f3c4aa6e1ffba564bcaf06fa8ebc"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
5QdUKV7jh_3otQVr1v1-WqR67gc1rX4Bz4PNUhkjHUwbE4ECSKmfNQ==
features.chat-settings.components.chat-settings.component-9b89a8fb9a4de874beba.js
static.twitchcdn.net/assets/ Frame 46E6
258 KB
47 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.chat-settings.components.chat-settings.component-9b89a8fb9a4de874beba.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d64cdfc4dc204a4e869f4c78fcf122bad7fc589a2eacdd7afccbd2181414dc7a

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:39 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82793
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171001346
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:12 GMT
X-Vicarius-Hits
-1
ETag
W/"142ab04b0faba985ae4cf5bf41c21be3"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
lXOuTZ0ie9XQM2ZnGY1-BRVnfxsK3wKvu4A5YM1KxSYmxLpad2Dvfg==
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/
405 KB
405 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b885cd947db565b8e7da19deadb39decaed132163b6ba70ddb717a7255a7f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:46:35 GMT
via
1.1 7189b8cad57dc2d1ab0dd5f90144f2a2.cloudfront.net (CloudFront), 1.1 65cbd6c4094454b31bc32d6426b92cf2.cloudfront.net (CloudFront)
age
2602
x-amz-cf-pop
SFO5-P1, LHR50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
414540
last-modified
Wed, 15 Nov 2023 15:39:09 GMT
server
nginx
etag
"a8dfbc38ac12b702e47e7e48871204f0"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
RKYzNx0fmB0-aZC0Irs83ARazQ1C2taafnRdoJVZig3yALkv2H7q0g==
expires
Fri, 01 Dec 2023 16:46:09 GMT
features.emote-picker-a2dd18139f5984d293c5.css
static.twitchcdn.net/assets/ Frame 46E6
5 KB
2 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.emote-picker-a2dd18139f5984d293c5.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fe570993c6522b9caf1ab960dae0ebcf505e00f3a2ede9d10493fe2a83c7f623

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 16:13:39 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
2164553
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
146375956
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 27 Feb 2023 20:31:41 GMT
X-Vicarius-Hits
-1
ETag
W/"25662d5b8d1270e6638f55b9a335d30a"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
7AmlsakukArp5ZsOwLf6ynsPPYhi1Zkvpx74OSpoxFgtdINL3PTNMA==
features.emote-picker-8564b589b561c3c1430e.js
static.twitchcdn.net/assets/ Frame 46E6
94 KB
23 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.emote-picker-8564b589b561c3c1430e.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4ed88a91bbef5181fa205a1645a6564a6801533291e1ac71fc2d514253f98f2a

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:39 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82793
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171121966
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:34 GMT
X-Vicarius-Hits
-1
ETag
W/"6e254771bd1d32386d5ee4e2091451b3"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
dx-vOmt4S38SbNdcasfAtqeQJfBnxvkFnOI1BNg4u_A0lI40-jFPOA==
features.channel-leaderboard-8b82d0d0910f23b92fda.css
static.twitchcdn.net/assets/ Frame 46E6
5 KB
2 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.channel-leaderboard-8b82d0d0910f23b92fda.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
93d6eba4724acbbe339334ab66fa72c68bd8a06b9f9d59c8af764e0770f1a0d6

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 18:33:01 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
2847391
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
138546822
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sat, 17 Dec 2022 01:53:21 GMT
X-Vicarius-Hits
-1
ETag
W/"30ccbf1782ecca307ef5c4053372412c"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
1OhS70nRMeGaQ0rH_h-D0OPVVShF6-UhJ98pU-wTvqacYk0cPJrQ0Q==
features.channel-leaderboard-1778cfa5ef7a866abfd8.js
static.twitchcdn.net/assets/ Frame 46E6
64 KB
15 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.channel-leaderboard-1778cfa5ef7a866abfd8.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a78c1e4b9c3929cb8813cd757634d986854cdcbc944c82aac48db4e7be6a107e

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:40 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82792
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171100366
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:06 GMT
X-Vicarius-Hits
-1
ETag
W/"0d8573b42f379bfa6b4b87f9891ca14c"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
J2yJOaaFljOMBepXAOln8GNP5a48uHGEZN-ITwp-oU9HTZukxQ153g==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4908
365 KB
126 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D31375F31397D7B7331373233343032397D7B4335377D7B536432686C636D5670633368316369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31333931397DFEFE&userIpAddr=2a01%3A4a0%3A2b%3A%3A9&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&kv_enc_1=url%3D%2F&isWePassGdpr=0&schain=1.0%2C1%21network-n.com%2Cpa_3f116400%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700242171&csuuid=6557a2fb9377c&debugInfo=17234029_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17234029&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2f93qxmlshvy&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwhereisxur.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=13919&flowMode=seenboth&isRealPreroll=0&playerApiId=netw0rkN&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwhereisxur.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Fri, 17 Nov 2023 17:29:33 GMT
features.last-x-events-5fe3c9e51e0767c04a69.css
static.twitchcdn.net/assets/ Frame 46E6
1 KB
1 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.last-x-events-5fe3c9e51e0767c04a69.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a9fc349c2b24d9a79160cc21a08c091cd8505d1c10e8c89d806d214d8ab04cff

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 00:06:12 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
9825801
Transfer-Encoding
chunked
X-Vicarius-TransactionID
52952786
X-Cache
Hit from cloudfront
X-Vicarius-Region
fra
Connection
keep-alive
Last-Modified
Thu, 16 Jun 2022 03:52:10 GMT
X-Vicarius-Hits
-1
ETag
W/"fb4f274b4b59f91f8abce28d19ab9c65"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
Kc9HUm3wL6X5whF25aDmwWJG7EzdsagCg2gdO9aAC6Zs-dL_IjKX1A==
features.last-x-events-5053dfa1158b02ba0887.js
static.twitchcdn.net/assets/ Frame 46E6
16 KB
6 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.last-x-events-5053dfa1158b02ba0887.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
968b0bf39004c0eccac139d1649360e7c199a424ecc6c6748788e0e7a6748572

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 18:29:40 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
82793
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
171001349
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Nov 2023 01:01:42 GMT
X-Vicarius-Hits
-1
ETag
W/"89aa2928a925222f4d2bc79c4535d4cf"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
dkVsmlqSzqiMkUpzj2Vv8A1yJhz8g3xfZe-1cjRuEoJdm_Qnqi3NwA==
gql
gql.twitch.tv/ Frame 46E6
108 KB
14 KB
Fetch
General
Full URL
https://gql.twitch.tv/gql
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7c2b845f72a7f3873aedf22c690d3529076898d03fe61bad284628632435e2f

Request headers

Accept-Language
de-DE,de;q=0.9
Client-Version
0ddebaed-0567-468a-967f-106b5a86f9c6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://embed.twitch.tv/
Client-Integrity
v4.public.eyJjbGllbnRfaWQiOiJraW1uZTc4a3gzbmN4NmJyZ280bXY2d2tpNWgxa28iLCJjbGllbnRfaXAiOiI4MS45NS41LjM2IiwiZGV2aWNlX2lkIjoiMmQ1ZjNlNTJmNTNjOTQ2NCIsImV4cCI6IjIwMjMtMTEtMThUMDk6Mjk6MzFaIiwiaWF0IjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJpc19iYWRfYm90IjoidHJ1ZSIsImlzcyI6IlR3aXRjaCBDbGllbnQgSW50ZWdyaXR5IiwibmJmIjoiMjAyMy0xMS0xN1QxNzoyOTozMVoiLCJ1c2VyX2lkIjoiIn0pIlaa3NkZH39TOXgOjcwpxU3yobvFuDUDgM6RNeb0_lvm5HZMfl03D-cYyZssqFg0cO7zYUs0KF8OAPveST0H
Client-Session-Id
d1d1be8f49985d9e
Client-Id
kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id
2d5f3e52f53c9464

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 17:29:33 GMT
Content-Encoding
br
Connection
keep-alive
transfer-encoding
chunked
Content-Type
application/json
gql
gql.twitch.tv/ Frame
0
0
Preflight
General
Full URL
https://gql.twitch.tv/gql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,client-integrity,client-session-id,client-version,x-device-id
Access-Control-Request-Method
POST
Origin
https://embed.twitch.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Age
448
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 17:29:33 GMT
features.community-points.components.flame-animation-314a12d02d4204b12196.css
static.twitchcdn.net/assets/ Frame 46E6
2 KB
1 KB
Stylesheet
General
Full URL
https://static.twitchcdn.net/assets/features.community-points.components.flame-animation-314a12d02d4204b12196.css
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
945664233770f946e3580a659f93b9d537b5d7ee6f44e5804e208834580b1b53

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 20:26:08 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
8629405
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Vicarius-Region
fra
X-Vicarius-TransactionID
67876661
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sat, 17 Dec 2022 01:53:53 GMT
X-Vicarius-Hits
-1
ETag
W/"26710bb449239d09c84d1722967e27e1"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
WRwpeqVne0rrxc64tWgJyjh-kfvLOCvPSWhMrx_4K9tL8ac84jMTrQ==
features.community-points.components.flame-animation-fac47634e1f4512ab128.js
static.twitchcdn.net/assets/ Frame 46E6
30 KB
8 KB
Script
General
Full URL
https://static.twitchcdn.net/assets/features.community-points.components.flame-animation-fac47634e1f4512ab128.js
Requested by
Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=whereisxur&height=450&parent=whereisxur.com&referrer=https%3A%2F%2Fwhereisxur.com%2F&width=1000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c249b3736c445ad0db403a60ffe95ee1a6ddee03036558a41e134bd3e6a5cc76

Request headers

Referer
https://embed.twitch.tv/
Origin
https://embed.twitch.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 08 Oct 2023 00:53:02 GMT
Content-Encoding
gzip
Via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Vicarius-TTL
70454.123/31465545.877
X-Amz-Cf-Pop
FRA56-C2
Age
3586245
x-amz-server-side-encryption
AES256
X-Vicarius-Region
fra
X-Vicarius-TransactionID
130269960
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7445
Last-Modified
Fri, 23 Jun 2023 19:31:35 GMT
X-Vicarius-Hits
1
ETag
W/"16fd4e01a36a689b12d860a59b1661c5"
X-Vicarius-Origin
fra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
n1umOL8NO6eyoGqSvfbrJ8UQT2rVQGSl2rRPLRQXjl-DGqOfJOAcag==
w_480_00002.ts
video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/
363 KB
364 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
874abb5bde831a43cc8dcaf7b06e410c0f9f999ad3d64c4b025948bdbb8ca260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:46:34 GMT
via
1.1 74a7ab693cbc57816008833fe2c7b1fa.cloudfront.net (CloudFront), 1.1 65cbd6c4094454b31bc32d6426b92cf2.cloudfront.net (CloudFront)
age
2578
x-amz-cf-pop
DFW53-C1, LHR50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
371864
last-modified
Wed, 15 Nov 2023 15:39:09 GMT
server
nginx
etag
"3fe1413f8a5083edc6284919ca7a3414"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
Md6auCq8aXpOEsomMzhGGlXSugPaTNj8fPV_yhb01ea5OSudY1HOTg==
expires
Fri, 01 Dec 2023 16:46:34 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4908
0
0

bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 19DE
752 KB
241 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
225291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 4908
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 17:29:33 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 193F
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:55:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4908
115 B
111 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwhereisxur.com%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97b33f2800a442fce3681433d58f17e702faf1bc9140d0a91aa4308275b28cd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86
x-xss-protection
0
expires
Fri, 17 Nov 2023 17:29:33 GMT
events
api.permutive.com/v2.0/batch/
101 B
126 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
df57b4222bf91a426fd24197c8ab6b8aa4f7dfd443c5a8288331314f8963eb2b

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://whereisxur.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108
w_480_00003.ts
video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/
307 KB
308 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fe5a6983a1d1f9fefa2709ecba2a0462d600db113dbc93a1d8c4d220b48488e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:46:35 GMT
via
1.1 c9cf34e325f403e993adb63735f5db28.cloudfront.net (CloudFront), 1.1 65cbd6c4094454b31bc32d6426b92cf2.cloudfront.net (CloudFront)
age
2578
x-amz-cf-pop
LAX3-C4, LHR50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
314524
last-modified
Wed, 15 Nov 2023 15:39:09 GMT
server
nginx
etag
"590f2d412ef2aba8d01d2a289d0b759f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
lvAbGsjb_QvdmYJVnwtZB-NI89dfL1B72nmnDlE3_jnlPqMJjSHwmg==
expires
Fri, 01 Dec 2023 16:46:35 GMT
w_480_00004.ts
video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/
406 KB
406 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b384de0559c992f200e0fb9ac5acf4b0dd3fdab5632ae2af7d7a525976c21f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:46:36 GMT
via
1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront), 1.1 65cbd6c4094454b31bc32d6426b92cf2.cloudfront.net (CloudFront)
age
2577
x-amz-cf-pop
EWR53-C1, LHR50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
415480
last-modified
Wed, 15 Nov 2023 15:39:09 GMT
server
nginx
etag
"b4c29ebbb522728347bf569da651e79a"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
cOu2bN6hQIVTl0ta7FANj42TLa0Cax8Y85OTRL3nLCJQXm_68FUvRw==
expires
Fri, 01 Dec 2023 16:46:36 GMT
GiftBadge-Gold_72-6e5e65687a6ca6959e08.png
static.twitchcdn.net/assets/ Frame 46E6
5 KB
5 KB
Image
General
Full URL
https://static.twitchcdn.net/assets/GiftBadge-Gold_72-6e5e65687a6ca6959e08.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
813f4b67876b10ff82bf18f081d9011211d70afe8a2c88ffba673091e4febd5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 19 Aug 2023 00:55:03 GMT
Via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
7835670
X-Vicarius-Region
fra
X-Vicarius-TransactionID
77419252
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4762
Last-Modified
Tue, 23 Feb 2021 20:18:38 GMT
X-Vicarius-Hits
-1
ETag
"20bf457cab1a7e96d129a9ca6bd5354e"
X-Vicarius-Origin
fra
Content-Type
image/png
Cache-Control
public, max-age=31536000, immutable
Accept-Ranges
bytes
X-Amz-Cf-Id
S78Mmtdeca4Now8HpX0QjgHM9rae7ei68beWsffscBGmTQRsE07uKw==
2
static-cdn.jtvnw.net/badges/v1/8343ada7-3451-434e-91c4-e82bdcf54460/ Frame 46E6
724 B
1 KB
Image
General
Full URL
https://static-cdn.jtvnw.net/badges/v1/8343ada7-3451-434e-91c4-e82bdcf54460/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c6a5a6e426455f743e25a4a135dc8401b975e39d49c1be70816bc4c0cddf3de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:14:48 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
890
x-cache
Hit from cloudfront
content-length
724
last-modified
Thu, 28 Apr 2022 22:12:53 GMT
server
nginx
etag
"9fac1b086555c172bce200ca0ccac924"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
7ua6XsN8383XsHAuxp50ZyHPj06Q5Dz-jn07mKx88IsoN623KnHnOA==
expires
Fri, 17 Nov 2023 21:14:43 GMT
GiftBadge-Silver_36-bb7c268e0452a2cdcc8d.png
static.twitchcdn.net/assets/ Frame 46E6
2 KB
3 KB
Image
General
Full URL
https://static.twitchcdn.net/assets/GiftBadge-Silver_36-bb7c268e0452a2cdcc8d.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
25d542878cf4249da27ed83294bd17f5668f75de7c816922831d2ef435af2581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 20 Oct 2023 02:17:56 GMT
Via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
2473897
X-Vicarius-Region
fra
X-Vicarius-TransactionID
142697706
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2109
Last-Modified
Tue, 23 Feb 2021 20:18:39 GMT
X-Vicarius-Hits
-1
ETag
"3c828b0fbe79e3caa0876dfe5440764c"
X-Vicarius-Origin
fra
Content-Type
image/png
Cache-Control
public, max-age=31536000, immutable
Accept-Ranges
bytes
X-Amz-Cf-Id
aePsN6LBEQ5uo3xETYOzdBrXzUecFmy0boUelglWLKmGVmUFA_JknQ==
2
static-cdn.jtvnw.net/badges/v1/052a5d41-f1cc-455c-bc7b-fe841ffaf17f/ Frame 46E6
665 B
1 KB
Image
General
Full URL
https://static-cdn.jtvnw.net/badges/v1/052a5d41-f1cc-455c-bc7b-fe841ffaf17f/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a54d42b9bc2347e2576eeab27723a3c8ee4eb8490a3122f00a6fb7fee31798d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:42:44 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
2819
x-cache
Hit from cloudfront
content-length
665
last-modified
Thu, 28 Apr 2022 22:12:42 GMT
server
nginx
etag
"04bb59ffa00de5aa156a98914f7d02ab"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
aFmBX_cLTy7fJ_VUgTGglj6eB7DOKie0J45IrGImXqTClbuhk6JcFA==
expires
Fri, 17 Nov 2023 20:42:34 GMT
GiftBadge-Bronze_36-fd0ee2ef5196b3414a2f.png
static.twitchcdn.net/assets/ Frame 46E6
2 KB
3 KB
Image
General
Full URL
https://static.twitchcdn.net/assets/GiftBadge-Bronze_36-fd0ee2ef5196b3414a2f.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3a1c836cc229655767e9bc1d9f14c6d48bc6b61bd40afc910e80e19c6b82f81e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 01:37:08 GMT
Via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
4377145
X-Vicarius-Region
fra
X-Vicarius-TransactionID
119738207
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2191
Last-Modified
Tue, 23 Feb 2021 20:18:37 GMT
X-Vicarius-Hits
-1
ETag
"cb90a834abc7154e39f87cd1687b2a0b"
X-Vicarius-Origin
fra
Content-Type
image/png
Cache-Control
public, max-age=31536000, immutable
Accept-Ranges
bytes
X-Amz-Cf-Id
eDAxNnNECODj17vHZLJ9Bex0CYF-361PIMEDU6RIhHfvjhfSDWq3lw==
2
static-cdn.jtvnw.net/badges/v1/d333288c-65d7-4c7b-b691-cdd7b3484bf8/ Frame 46E6
735 B
1 KB
Image
General
Full URL
https://static-cdn.jtvnw.net/badges/v1/d333288c-65d7-4c7b-b691-cdd7b3484bf8/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1586e123719e6ab46a6f9cd934adad61f8782a03f15b1ab5cd8d39e2b7f32c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed.twitch.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:27:44 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
12538
x-cache
Hit from cloudfront
content-length
735
last-modified
Thu, 28 Apr 2022 22:12:37 GMT
server
nginx
etag
"48688f564cc76cfeaf085805be214428"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
r_mHVwAq_zeIDMmKBmM8CKMD5tZeeCDzRlKqXpnyB9MXoS0_8ySbEw==
expires
Fri, 17 Nov 2023 18:00:35 GMT
Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCf...
video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/ Frame 46E6
0
0
Fetch
General
Full URL
https://video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCfwICI3y7KugiedBPhy-knnOpFvx65v9h17I0_hpXJq_eHz1uCYkg1UVPh_JFGuuAaH9rKabqHK5z-aaVvbZbDaK8ovwkcr3uA27jy15tj2qqryIeO28NN0g-gy7-I24XkTObD_v2oKrWweLtiVurd2iaVqNHAoO5xkaacafcRE_1mcZFBNw5uopM5mz4G3xQL6JnLTq9pVw0fUym7K7aQyKa1QdyHZeH6eRcYqCI4kSBHK58-xuxcKT2uhvlR1pzbMa784-iRgQ3ySoENWv_5L0Xcanf1sRukokFG970ZJMhi4oEjJ_rtivg7a46p1PzQx36Tmfd1QiuOIPZ87OXLzPWP9JNzeovo7KhZQIZMZLYxZZhTWujA4SdbPz5oJ0w8Jqk8guCJ3Sdc_8vnPN2ve-EvHUWjTKTrcRWd25fM5JEaGLg4BQy6XVeOcp76BwRUQLVK40GfUT0USbDg6JqeiK878BBXgnXEqIwopj07M-mh8h07FJ50urRI4k4qasgSLVjAdObiwep03f3B6RoqoweJPwx6ok_U1dbjBa96ihC7_RywYyNZJ7MpWKTkpm.ts
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.132.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-132-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://embed.twitch.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:33 GMT
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
w_480_00005.ts
video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/
307 KB
308 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/28588/video_609bae6a84e18530638482/vid6554e5be7b9f2570872296.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d3:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fa2e140022cad17cefedd7e6ccb42498e76740a9033a8dc3dcc78c8c11ce4545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 17:40:59 GMT
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront), 1.1 65cbd6c4094454b31bc32d6426b92cf2.cloudfront.net (CloudFront)
age
172113
x-amz-cf-pop
EWR53-C1, LHR50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
314712
last-modified
Wed, 15 Nov 2023 15:39:09 GMT
server
nginx
etag
"e59a46a54a1ab71ded1e3fce48d01d05"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
IXaXIhoyRysQBvM7gDcKZ_k3RjykzfwITQzypI7RXQ6KlUM8ovD4WQ==
expires
Wed, 29 Nov 2023 17:40:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4908
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?fm=t&rt=xfp&lid=187&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804618%2C44808026&id=ima_html5&c=4444690912321144&domain=whereisxur.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 19DE
124 B
125 B
XHR
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F6928793%2FWhereisXur-627a691ae254f%2FWhereisXur-House-Instream-Nova1-637263cb08ff6&description_url=https%3A%2F%2Fwhereisxur.com%2F&env=vp&correlator=2038822693831859&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x480&unviewed_position_start=1&ad_rule=0&cust_params=prmsig%3Dwdvsfe&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=445&ptt=20&adk=3909290398&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=829EA3B6-EF6F-45DA-966B-8E667DF35ED5&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804618%2C44808026&ref=https%3A%2F%2Fwhereisxur.com%2F&url=https%3A%2F%2Fwhereisxur.com%2F&dlt=1700242171583&idt=1634&dt=1700242173631&scor=3171060904573813&ged=ve4_td2_tt1_pd2_la2000_er913.-1760.1066.-1460_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.permutive.com/v1.0/
0
34 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
csi
csi.gstatic.com/ Frame 19DE
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp2wah35&c=7057085477201&slotId=3528542738600.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
id5-sync.com/api/config/ Frame 4908
135 B
415 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://whereisxur.com
date
Fri, 17 Nov 2023 17:29:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 4908
0
0

id
id.crwdcntrl.net/ Frame 4908
43 B
315 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://whereisxur.com
cache-control
no-cache
x-server
10.45.8.104
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 4908
63 B
421 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2182711e675d8ed3d12df1216876469aa410cf62c64217cb43d9a78c283289fe

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 17:29:34 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://whereisxur.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 17 Dec 2023 17:29:34 GMT
usync.html
eus.rubiconproject.com/ Frame E920
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 17:29:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 1403
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://whereisxur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
338
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8279b253ec7d9c01-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 17:29:34 GMT
expires
Fri, 17 Nov 2023 21:29:34 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame 4908
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=ee2c1d68-e9e9-43f4-8b66-a269175d8acb&gdpr_consent=null&gdpr=0
43 B
349 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=ee2c1d68-e9e9-43f4-8b66-a269175d8acb&gdpr_consent=null&gdpr=0
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 17:29:33 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=ee2c1d68-e9e9-43f4-8b66-a269175d8acb&gdpr_consent=null&gdpr=0
date
Fri, 17 Nov 2023 17:29:34 GMT
server
_
content-length
0
auto-user-sync
ads.stickyadstv.com/ Frame 4908
43 B
495 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 17:29:34 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700242174012009-336
sync
x.bidswitch.net/ Frame 4908
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0&us_privacy=1---
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=JnR7gpP_UZlFj4vJHde1l1FfBSQ&user_group=1&ssp=themediagrid&gdpr=0
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=188&user_id=JnR7gpP_UZlFj4vJHde1l1FfBSQ&user_group=1&ssp=themediagrid&gdpr=0
Protocol
H2
Server
3.126.169.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-169-233.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:29:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=188&user_id=JnR7gpP_UZlFj4vJHde1l1FfBSQ&user_group=1&ssp=themediagrid&gdpr=0
Date
Fri, 17 Nov 2023 17:29:34 GMT
Connection
keep-alive
Content-Length
151
Content-Type
text/html; charset=utf-8
9.gif
id5-sync.com/i/102/ Frame 4908
43 B
921 B
Image
General
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 17 Nov 2023 17:29:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
rtb-csync.smartadserver.com/redir/ Frame 4908
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3251851254478697778&gdpr=0&gdpr_consent=
43 B
329 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3251851254478697778&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 17:29:33 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3251851254478697778&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 4908
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3610603145680782508&gdpr=0&gdpr_consent=
43 B
353 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3610603145680782508&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 17:29:33 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3610603145680782508&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 17 Nov 2023 17:29:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
rtb-csync.smartadserver.com/redir/ Frame 4908
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8391828075229934461&gdpr=0&gdpr_consent=
43 B
329 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8391828075229934461&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 17:29:33 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:34 GMT
an-x-request-uuid
35e04540-6f0b-4266-b1f2-1bdf7e63439d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8391828075229934461&gdpr=0&gdpr_consent=
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 4908
33 B
274 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
7a5dbdc80b1c6d94861c97646f4549613fe4e22543d2ed5b61ef904a2f695e1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://whereisxur.com
date
Fri, 17 Nov 2023 17:29:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame E920
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 17:29:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 11:35:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65131
Connection
keep-alive
Content-Length
13230
Expires
Sat, 18 Nov 2023 11:35:05 GMT
khaos.json
token.rubiconproject.com/ Frame E920
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
212.json
id5-sync.com/g/v2/ Frame 4908
251 B
530 B
XHR
General
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
0105057277e07731b3ae7035c0cf9a3093c595c673aacccbd2a21128c121d409
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://whereisxur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://whereisxur.com
date
Fri, 17 Nov 2023 17:29:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
csi
csi.gstatic.com/ Frame 19DE
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp2wahjo&c=7057085477201&slotId=3528542738600.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804618%2C44808026
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/
0
343 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTpjMDI0MwE3MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEkMDU0JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXqbZXJynXN4qXIhY29gJaN1YxyxPXqbZXJynXN4qXIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMzIyM0EyM0E5JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkOS4jLwYjNDUhMTU5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTU3YTJzYwxmNmqwJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MDAlNDIkNmQmODMzqWyxPVNyn2yhZG9TUGkurWVlNwU1N2ElZzJxMzQ5ZSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3nGVlZWymrHVlLzNioSUlRvZzoG9uqFN0YXR1pm10paVyJzVcZHNjPXBlZWJcZCZjrGyxPTAmNmImMGIkMmtmYTMjY2Y5NmFvMTZuNTx0ZzFxNzQ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2251:8400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://whereisxur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 17:29:34 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
FRA60-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Lgxq12N1yOkM6xAZ28i8oDhMGoVFd-Aj6zuHvc2oFNk_XHVuRil9pQ==
Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCf...
video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/ Frame 46E6
0
0
Fetch
General
Full URL
https://video-edge-2c9abf.pdx01.abs.hls.ttvnw.net/v1/segment/Cuu9YcP9UIrzlMhLz_mnPqe2K6s62QtZbM1TNDFt38lymcFG2BP_i2ko0oIxJQD1IOqtyI_QztMJ9w96XlUeIUOI92ogZmfXd2xbfuPrVRH2pf9RiH49LJzRCHWYsvMZPhtBQgxCLOK3KiUObu7qLRwPOhvZ1QyF293WP1KIj1jO2_MtfJsXm5UPltrL_BHlsHfCfwICI3y7KugiedBPhy-knnOpFvx65v9h17I0_hpXJq_eHz1uCYkg1UVPh_JFGuuAaH9rKabqHK5z-aaVvbZbDaK8ovwkcr3uA27jy15tj2qqryIeO28NN0g-gy7-I24XkTObD_v2oKrWweLtiVurd2iaVqNHAoO5xkaacafcRE_1mcZFBNw5uopM5mz4G3xQL6JnLTq9pVw0fUym7K7aQyKa1QdyHZeH6eRcYqCI4kSBHK58-xuxcKT2uhvlR1pzbMa784-iRgQ3ySoENWv_5L0Xcanf1sRukokFG970ZJMhi4oEjJ_rtivg7a46p1PzQx36Tmfd1QiuOIPZ87OXLzPWP9JNzeovo7KhZQIZMZLYxZZhTWujA4SdbPz5oJ0w8Jqk8guCJ3Sdc_8vnPN2ve-EvHUWjTKTrcRWd25fM5JEaGLg4BQy6XVeOcp76BwRUQLVK40GfUT0USbDg6JqeiK878BBXgnXEqIwopj07M-mh8h07FJ50urRI4k4qasgSLVjAdObiwep03f3B6RoqoweJPwx6ok_U1dbjBa96ihC7_RywYyNZJ7MpWKTkpm.ts
Requested by
Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.132.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-132-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://embed.twitch.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 17:29:34 GMT
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/embed/B1gMwejYlJw
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/190c935f/www-player.css
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/embed.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwhereisxur.com%2F
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34

Verdicts & Comments Add Verdict or Comment

399 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture function| jQuery function| $ function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| nnads object| AdSlots object| FontAwesomeKitConfig object| adsbygoogle object| Twitch object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| loadScript object| et_link_options_data object| _qevents object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments string| google_user_agent_client_hint object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| googletag object| pbjs object| gaGlobal object| gaplugins object| gaData object| _localCS object| _comscore function| __tcfapi function| __uspapi function| generateAdSlot function| refreshAdSlots function| destroyAdSlots function| excludeAdSlots function| getAdSlotsInView function| getEmptyAdSlots function| getSlots boolean| enableSingleRequest function| primisTriggerSPATag function| refreshLabels function| refreshBids function| refreshAllBids object| refreshAds function| refreshAdsClass function| refreshStopAllTimers object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| quantserve function| __qc object| ezt object| _qoptions function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| google_sa_impl object| beTracker function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_countdown_timer_init function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet object| _sp_queue object| _sp_ object| permutive object| apstag undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_44111211 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadednetworknheader13924283968 object| moatPrebidApi string| captify_kw_query_13037 object| _aps boolean| apstagLOADED object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| _sp_wp_jsonp object| AdEvents function| bfaDestroy object| pbstck object| pbstckQ object| Pubstack boolean| __bt_already_invoked object| apscustom object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha object| COMSCORE object| ns_p object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent962 object| PublisherCommonId object| hadron boolean| __halo_loaded__ function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| regeneratorRuntime object| ID5 object| __id5_instances string| et_location_hash function| et_pb_init_woo_custom_button_icon string| waypointContextKey object| au object| freewheelssp_cache number| google_global_correlator object| closure_lm_618601

51 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: HJVMIpO586Q
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: SpcqAN8GN80
.twitch.tv/ Name: unique_id
Value: 2d5f3e52f53c9464
.twitch.tv/ Name: unique_id_durable
Value: 2d5f3e52f53c9464
.whereisxur.com/ Name: _ga_1PBJFTP2CG
Value: GS1.1.1700242167.1.0.1700242167.0.0.0
.whereisxur.com/ Name: _gid
Value: GA1.2.759578592.1700242168
.whereisxur.com/ Name: _gat_gtag_UA_55935606_1
Value: 1
.whereisxur.com/ Name: _gat
Value: 1
.twitch.tv/ Name: referrer_url
Value: https://whereisxur.com/
.twitch.tv/ Name: experiment_overrides
Value: {%22experiments%22:{}%2C%22disabled%22:[]}
.twitch.tv/ Name: api_token
Value: twilight.5faa4e2002c2b9572cf4015446f8d4a7
.whereisxur.com/ Name: _ga_0CPE0JFSCT
Value: GS1.1.1700242168.1.0.1700242168.0.0.0
.whereisxur.com/ Name: _ga
Value: GA1.1.98726545.1700242168
passport.twitch.tv/ Name: ga__13_abel-ssn
Value: 01zPx8kdA1n3jW54fm7QcpgKLegeSLZAvnnqnBhp7HExlam2msAqOLksZy9O7gqqLIvCe1Iqeoh1I2Jvy2sbfCbKbKeav01QwAeQ4JrxlpGVauXipKheYkQWB0NzoL2103CnRCzkwGRsdOYDnWvijCHJbg
gql.twitch.tv/ Name: KP_UIDz-ssn
Value: 01uess0NOxha36OPUgPXGasGKmlOUliJjrZ3xCyKlLKcPkQD5vLZQ7xRI8XA3oYUFVbf59Xh4n2Wx1c3aXs1fp9dRsdB5Aw1ME8wGKczZym16LHUeNWndtJf8E3eebOLEIj8nmil6Ux4yamm1ckfREEIya
.whereisxur.com/ Name: permutive-id
Value: 81a82e98-12fb-48fa-8a44-83ed99753e22
.whereisxur.com/ Name: dnsDisplayed
Value: undefined
.whereisxur.com/ Name: ccpaApplies
Value: false
.whereisxur.com/ Name: signedLspa
Value: undefined
.00917082-71e9-498e-8343-00c3df06b798.prmutv.co/ Name: pxid
Value: 6fd66f3a-7bbe-41de-8210-e32df3a04e4c
whereisxur.com/ Name: consentUUID
Value: d889552a-4278-4535-8be3-e17e103e15a8
.twitch.tv/ Name: server_session_id
Value: 0d42d01a994543779feb3d4cb054d5c2
whereisxur.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 341155=5720729
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 5656048441283909940
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1309387560%3B%24ql%3DHigh%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0&c=1&l=-484118455&lo=-1108704272&lt=638358389728345764&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1309387560%3B%24ql%3DHigh%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0
.doubleclick.net/ Name: IDE
Value: AHWqTUnFBg4r2xx3wOefHBFRsw97QLOxusqLOkowfDiJKd2sujtb6II0hJueaohj
whereisxur.com/ Name: _lr_retry_request
Value: true
whereisxur.com/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: uuid2
Value: 8391828075229934461
.ads.stickyadstv.com/ Name: UID
Value: e876b4c9dce9babd7b18741e61b74
.csync.loopme.me/ Name: viewer_token
Value: ee2c1d68-e9e9-43f4-8b66-a269175d8acb
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3251851254478697778
whereisxur.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-17T17%3A29%3A34%22%7D
whereisxur.com/ Name: pbjs-unifiedid_last
Value: Fri%2C%2017%20Nov%202023%2017%3A29%3A34%20GMT
.bidswitch.net/ Name: tuuid
Value: 63438f59-2d7a-4d69-ad3c-eea8dfd22578
.bidswitch.net/ Name: c
Value: 1700242174
.bidswitch.net/ Name: tuuid_lu
Value: 1700242174
.turn.com/ Name: uid
Value: 3610603145680782508
.smartadserver.com/ Name: csync
Value: 22:3251851254478697778|32:3610603145680782508
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-26747b82-93ff-5199-458f-8bc91dd7b597.KfK32wW2iEtKQ2OFTr2tHNp5KbY0q0QmQVu1UijBULk
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-26747b82-93ff-5199-458f-8bc91dd7b597.KfK32wW2iEtKQ2OFTr2tHNp5KbY0q0QmQVu1UijBULk
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AJnR7gpP_UZlFj4vJHde1l1FfBSQ.UpFeapXOnDCicQg5UJF84OjiPv2PRokZzU5M%2FaBntPo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AJnR7gpP_UZlFj4vJHde1l1FfBSQ.UpFeapXOnDCicQg5UJF84OjiPv2PRokZzU5M%2FaBntPo
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDYx4c9fu8NMdp88mUXbNj_QkhezptZzDTIxXLqavvYFEHwYBCD-xd6qBjABOgRyABfNQgQYPHb0.eNEc%2BawIdVa2%2BbRHXGSSzTbfWRJ08BdVO6v1sa1kMDU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDYx4c9fu8NMdp88mUXbNj_QkhezptZzDTIxXLqavvYFEHwYBCD-xd6qBjABOgRyABfNQgQYPHb0.eNEc%2BawIdVa2%2BbRHXGSSzTbfWRJ08BdVO6v1sa1kMDU

10 Console Messages

Source Level URL
Text
other warning URL: https://embed.twitch.tv/embed/v1.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Message:
Failed to load resource: the server responded with a status of 429 (Too Many Requests)
network error URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Message:
Failed to load resource: the server responded with a status of 429 (Too Many Requests)
worker info URL: https://static.twitchcdn.net/assets/amazon-ivs-wasmworker.min-527a0ec8a3914c71a683.js
Message:
Amazon IVS Player SDK 1.23.0-rc.2
worker error URL: https://static.twitchcdn.net/assets/amazon-ivs-wasmworker.min-527a0ec8a3914c71a683.js
Message:
Player stopping playback - error MasterPlaylist:11 (ErrorNotAvailable code 404 - Failed to load playlist)
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://whereisxur.com/
Message:
Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwhereisxur.com%2F' from origin 'https://whereisxur.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwhereisxur.com%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://whereisxur.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://whereisxur.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
00917082-71e9-498e-8343-00c3df06b798.prmutv.co
a.ad.gt
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.stickyadstv.com
adx.adform.net
api.btloader.com
api.permutive.com
api.rlcdn.com
bcp.crwdcntrl.net
boot.pbstck.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.pbstck.com
cdn.permutive.com
cdn.privacy-mgmt.com
config.aps.amazon-adsystem.com
csi.gstatic.com
csync.loopme.me
d2v02itv0y9u9t.cloudfront.net
embed.twitch.tv
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gql.twitch.tv
grid.bidswitch.net
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
imasdk.googleapis.com
jnn-pa.googleapis.com
js-sec.indexww.com
k.twitchcdn.net
ka-f.fontawesome.com
kit.fontawesome.com
kumo.network-n.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
mb.moatads.com
p.cpx.to
pagead2.googlesyndication.com
passport.twitch.tv
prebid-server.rubiconproject.com
prg.smartadserver.com
region1.google-analytics.com
reporting.cdndex.io
rtb-csync.smartadserver.com
rtb.primis.tech
rules.quantcount.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
static-cdn.jtvnw.net
static.doubleclick.net
static.twitchcdn.net
stats.g.doubleclick.net
sync.srv.stackadapt.com
tags.crwdcntrl.net
token.rubiconproject.com
tracker.metricool.com
video-edge-2c9abf.pdx01.abs.hls.ttvnw.net
video.primis.tech
whereisxur.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
z.moatads.com
api.rlcdn.com
securepubads.g.doubleclick.net
www.youtube.com
104.18.38.76
108.156.60.116
13.32.27.78
13.32.99.44
130.211.23.194
132.226.214.62
141.95.98.65
142.250.185.198
146.75.118.167
162.19.138.83
172.217.16.194
172.64.151.101
18.155.129.39
18.202.122.243
18.245.60.72
18.66.138.185
184.30.211.26
185.86.139.116
185.86.139.93
2.19.85.120
2001:4860:4802:34::36
2400:52e0:1e00::1082:1
2404:6800:400a:813::2003
2600:9000:206f:1600:2:5624:e040:21
2600:9000:206f:a800:19:f28c:cd92:c761
2600:9000:211e:3a00:c:132:48e:f021
2600:9000:223c:5800:6:44e3:f8c0:93a1
2600:9000:2251:8400:1a:5235:f980:93a1
2600:9000:23d3:e400:1:6448:6d00:93a1
2606:4700:10::6816:15d
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:1997
2606:4700:10::ac43:246e
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:3036::6815:4aa2
2606:4700:3037::ac43:cc42
2606:4700:4400::6812:2844
2606:4700:4400::ac40:9256
2606:4700::6810:5514
2606:4700::6811:7611
2606:4700::6812:119f
2606:4700:e4::ac40:a407
2607:ae80:192:1::173
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2016
2a00:1450:4001:813::2003
2a00:1450:4001:813::2006
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200e
2a00:1450:400c:c09::9d
3.126.169.233
3.33.220.150
3.72.190.56
3.73.250.101
34.107.254.252
35.214.188.95
35.241.9.51
37.157.2.228
37.157.5.133
37.252.173.215
44.224.132.134
46.228.164.11
52.222.208.154
52.48.43.143
54.165.170.24
69.173.144.137
69.173.144.165
95.101.149.233
99.86.4.30
00749eff5f11fd9eaa37764812e679a75676baaf200a7c4e0622eceddf020cba
0105057277e07731b3ae7035c0cf9a3093c595c673aacccbd2a21128c121d409
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
01dc0167f9498589840e7f27ec0e1bf4fafe22932d88cf4b5cbecf1e3cccad4b
024d40cbd3f7ee352189940e1cdd1a009c84d99c099446da7e48c4567545a0dc
033a80c98752135ba755fa9b3733169b45c7a56f4bf60b619228ed990258dc81
039fc7e3b782431bb91057f13cdfd0ae7f8a9f87af64ce15e3a5736f117525d3
03dc9603a481ccefab40915f81a283e6925ec664e92a498775667b742c0700ba
0430f1b71c5bac13eaf2c55a02ae179f5f3e5874f0d79b2fc1e3ff5b6492bda5
04da2b02d79822b844ac45cbf6db26f41672104b2dfdbcc6560e26d7ce2ebee2
0636804e060508c39f5a548f46ffb1dbf0675f5b6de3b9e2c934f305d0240e4e
067629b93b9156dcfd0a66c7bfd2453c187244f0ec9cb7bbc96bb7d1f41881cb
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075a0b46612ad3b63e202fa3dfa0d1a4bf8e88bbb70592f6e6c60b63de1b2b6a
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
09d843d6382f032d8c770d6e59d0731c394e8454c93db97fe33dce2ee471f75f
0a4479bc2768da26b2a34cf25cc29bfdbf947c2fa8a82c881d6331ba65a6d361
0bf857ceb0a81b5e35e40a43ec572458fac3281c2f42c91ed2cfb18b23e64f6c
0fec52a54d0ba3b284b34c52b7dbb54cac2c673a14c259320d98782576cf0ac8
1080cddf5b2d06d093b79ecdbf5d4052988ffbe3d8c3ac5063a7e7b512e9ba47
11add6845f9e5cdc8b592821cb0d3b0fe0d90f5c64bc48bca819789be124f506
126547c9a588d9a275a3fa86c96ac8a2fd9fb2df03b068e85eaeea5000282da0
130f1aaefc5a2b1e08181916968b05d02980dcad68159842763767f7c1759e6a
1414a8377c0833d2d9dafbb7cbc1e6f36bc01f1830eb5bb30f3e40b989477191
145728b5f996387f7d5ae92953ce694861234c5041f02f218e97e51caedf8ae4
165ca1e3ffdd73b8f13aeb49229ee446c46d47b363bf9d654a70d6de02c253ef
189ee74b34125d1580a570b1a105ca52fa83b1b0b2845ecf31a9230c90460731
1b3ba1943f097c3217100e559109007fed340998a2fb15e77fe6f9164171eb98
1c9cc8e33a15d6f739e16ec44ae2cd8907a4ec6201386bf9cca6a85a53103168
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d1c15087d7e241a99cf94534f8f0e2286c9b426bfc065a248ae9dc0d07f9e00
2182711e675d8ed3d12df1216876469aa410cf62c64217cb43d9a78c283289fe
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
25d542878cf4249da27ed83294bd17f5668f75de7c816922831d2ef435af2581
266f10bcd8445642b63ba1729f7ef7c99816684782ccf290eb924d3c675e5072
27f2ce65422813c8888560ac84413002433dffd39cc11b53e9e65a3e1ae76bd9
29bc44694c394921d1f00271128a2e4cd8293516216e24eac07a73fa821fc1f5
2b6f52d91f1f01039d2816b5482b9ba15d85f3a13a8f6ddac4b0bd71ccb82e3a
2bc2af0c3101e9bd9188ef5bd39172af8097016e64ad1086ea03c3b965c8adb2
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666
2e071087dcd637ea37eb24baf5f527f1a1d9285b713feeafe2c923d43c19a385
2f1ac97daf011cd6244f37431bf0fc452cbb8d48fbab70f28cf1274b321022e8
2fa06ecf6d3ce7834d4cbb4042d1757fe6186261f3ca2414cf372860eb6ea3b7
30b37dd46d2a06078a960ee197bc9d77e1cee04fe8a6b295eec19df8d30161e7
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
329a304e0c740eee44c108400f9852621c487b26199a28c82ed26e2aa0382092
34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d
356129ee5a40d1b9e322419c13e2efb7513cdd956c82ed1a0568f7ab331b87ec
36790e9530e6610813ad04d81da516d3fedcc2a9e3b2bb065fcf5e524fabaa40
3981d810e25806d10935afc217326812079779cfe50162ef4f0cd4eb0126a1c0
3a1c836cc229655767e9bc1d9f14c6d48bc6b61bd40afc910e80e19c6b82f81e
3a25ea9d08a5f19bebc8228738c08767cea89bb448eeeae4d437304d5df317d1
3a337d82452c6ee0bee91099249c74b0e98d3f7054afb25a4938d734f1af3de9
3a54d42b9bc2347e2576eeab27723a3c8ee4eb8490a3122f00a6fb7fee31798d
3a71e4478f3159e44575ede4e16715f0e67f9d159f7ce06fcaddb06fa6dca7f7
3b67b2cd4f7a35f68b510e5d102959fca64700d7917ffb419584d1d753211070
3cb66a12c45f87c4e25a643e979100794f5b3859c27f22464872cbf0fd7e657b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fb66a979162576e6018f079293be866329da6ce619116e396514cd245db1b62
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
41c4dd10a2602e75748ad506920812c22223f09d06ae4b427c8b7f36629f512b
41e5fd4e842e46acf07f4209a1c0f4fd64b5bdf00071f8798af7d7c5dcfcd6d8
433ba056f1b18f5b0fa831ffcded3fa106302f31393a5fcc4df7abba1a4b4654
43d01d86dab8ab7a8f0181a0f7f6fc024e2648a42d5e91ba67d04e446b50e236
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
445f90ecfab5ded6f51209614d8e66316b70a0afa06b00249a5032ec41262191
450b7c2387387436f0c3d0007db73d5f7296af189da1bf02e95f6a8a7959b5da
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
4753e0e2fc769d14cd90048716a76fc8607a8a4adc089d2606306a38d477fc9f
496331f132ec417a40bf2fd20d3c230e2a28bcdf9f25c51705bc9c8d2af4e433
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4a47a835a501c267d135dd61972c0552dda7c94feb409c74eebc926340f8d43f
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb
4c047185e6e4370e7aefa93df87710007d0ac33ddf9c2e555d498e757695b63c
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4df58cee20a9a69513c308801405c294e57e222ddfef71dedaf9a99da600ee43
4ed88a91bbef5181fa205a1645a6564a6801533291e1ac71fc2d514253f98f2a
51fd2247508bfbd2fdbd582e89f32d480a1617dabc83b44be1358e7d0d69ec0c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52bd4bb90eb416c194ee26f808ee2edec03706c98bfc052c7394a77309bc1e1a
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
539dafd024f16c8926e15e864e8da3f93e3560cdd5ac411ca2ba86dc5f29ad5d
544ad9fe6ced38792fcb763fff362d510cb42a019c736f70d8dacbb6d6f480c1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b45d033b29f1be0236762de4a3bdda01b813597fc1da611507a61cb86fbd87
54d76f1c75eab61bebf210d30b5db9de1fade64d515d1704b86a615ecc3a11e6
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
57aa77792d5efbd0f673332016d297c6e17b43e89bd084ebc94e80c6025a16a6
5863be988caf4ab95dac7eef24168a4df33723e1d5e78845499f577945934082
596aed55635ffc78dbffd4e1e9cb9d8cef6e2a71e0387c75b375a06d258a6dd5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b794c3bb91599f949ed26b4cd85a2a068629b8770aee5be43d6d352f676e13e
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5c8a8963ae0ddc49ff2e7381b16505bf9a2e14b2fd5ad4e2871ad245fdd164fb
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6304c605cc4c39f494c40a8179460059bd551e2c460f659fd8ebf27346d64e88
637e3863e2e41a9bfcf9a480d4a2e4a33568fcfd6aa254eb358926a2279ee375
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701
65030c1bb33a7d3b00574b46d56c6fefc6e4430bf4f2b23de425078585c0ec50
6515c12351eb897df9bb02b2c596189c74546d2307acc53390aead76e27f73d0
6576bc636667b4b6ff19a6c591c1f976e5b328f5505ce78c15ce0d3c3a772095
65d9d35ac0df81d0440f783d9ff8a084b17c6aa133228424f468eb240c085a33
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6911950d8f42dfe6993738dc3f6384fcd82c4a4df01ca41292c89a37c7b8145e
6998d311bdd346da24a257d09e25517aa7cc7eb4b8fd740b8deb7b769269f727
69cfb7908ceb8fdbbc69f017c4172c8be25b1d3688c75e311e9f4312cbd65d3e
6a511b6d2ae9ea020e19a9d9f1f282663e1aad75cbaecaabe1cc315865cb8c0f
6ad2d561a359ada702db1548204dc824684f5e87b151142a5c9c9c60c71f8a56
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6baac8c6801715fb9caee89e07ac2e982930e28a2dee1cb6dd8dafae20d4de1f
6c9f8ee6660db249d75b8c495f370f375851c50fcd938ea260856e0891b352cc
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e4c37feb87e0edfdb963900b9467f64f82d16abafd3b3b11b2c80e9d3bf350e
6e4d7d25742817a70b4db6f3aeda1d727fa7e64738112076a5f75d4e193dcfe0
6ea01f25b5e356cabd0e986152cb3b58943a497c3516a1201e4536c83554b8fe
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
703b6b31a3f9e690101183b65316e55d718a6cb63df591e1c835de4e5a93660a
70be7d5123cccf64deaed8efd326005adfc846521cf74f4ef44e358f4c4325bd
7116af1188bf714fb6816a5cd9b5340b7b6183ea9a54ce24fc067bbfc6e4694d
736af9aa03ac1629c0fb6decd3e7c256e8fc4d19b4e7a92bf85efd8119dd3daf
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
747dca702ebf4e0af93d9f328eb715bdfe8b46c4dde12f85801bf9efb6b69711
75d76e3b4c9ae0adeb86224f457bd194421331677738efefbc39ce6d95ba4321
75eb43bcb7d2f76613b5ce78b01e26c6ce1ed2c28b6bc70608d8b030defa6f9f
761ab284d01584503082019cbbbdc641a54b4fb7db3c636e563c6e709cb6adee
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77938940883693220ab6a45e26932c323c229eb0463914ca898befe107b79e38
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
79ac93d95cdaf7bb0763071724360934b06f515fd888c173a47b51cd2f6d101e
79f40047b18f4a694852c3aac01228358c1f60e7feecf568705390650981dbea
7a5dbdc80b1c6d94861c97646f4549613fe4e22543d2ed5b61ef904a2f695e1c
7b384de0559c992f200e0fb9ac5acf4b0dd3fdab5632ae2af7d7a525976c21f6
7b885cd947db565b8e7da19deadb39decaed132163b6ba70ddb717a7255a7f12
7cdaff99181e91e5bb644ecf92b9065603c4031f64264b0b4fba12632da07ab1
7dc1657d62d95d4f3dfff6282aaaf24fb7ccd26afde8cbfbd706c8c00b301cb1
7ddbdab409a737ec48914d95b341212f9ff9b7e096f5e098b38e1f1412dbf62f
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7fd4409198e6c276d5b4b62f2c3b1e8fc4f06193180b52ab3360fd8bdb87d6e6
80910ee92e847e4c1e7253da9b87d93570b24b5cc905a10a41707ff5212484a9
813f4b67876b10ff82bf18f081d9011211d70afe8a2c88ffba673091e4febd5c
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82bdfdd7b2f3829be96bc7640732b1e0aa4ff9834c80ec826b5ea6f57842f414
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
842fea842197879ad5afa91048cc2986038f1d873b69691231b45d40e7ddf864
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
874abb5bde831a43cc8dcaf7b06e410c0f9f999ad3d64c4b025948bdbb8ca260
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cea9f13c4a6baeec72839871a091777b19cc1eb1567cb7947e01b6b3c3e6786
8d3480ea251099b54f6e350fb647664b3f76835e5592be54cf79a2a7e5250d9b
8d5f1b6f3f1296acbdcac2044d57a82324af86d9e67da95100950d1a2e7789f7
8f38b59cd4668a9dc79245ce92a452b5f6c9fdcd7da8b1d1f3d0a779ad126197
90738bd6a083bb0bb11633a2bf01ddf303e3f727c65292564e57482f22156587
9353007d3d2802f7f33574031231b92924525b2aa7190c28d154d1cecdf08499
93d189de51239bc3a8566384f241938afd3a00f992b772894f79c843e4afde94
93d6eba4724acbbe339334ab66fa72c68bd8a06b9f9d59c8af764e0770f1a0d6
945664233770f946e3580a659f93b9d537b5d7ee6f44e5804e208834580b1b53
968b0bf39004c0eccac139d1649360e7c199a424ecc6c6748788e0e7a6748572
975cc0c13cffdeb15d6e89a75851ad570f4333afa82a99b6402eae3327191ae9
97b33f2800a442fce3681433d58f17e702faf1bc9140d0a91aa4308275b28cd8
98a96dbe0e0d22eee00ebaba04f41ced75edf2cd971e3bb3b21dd3d0a2d6fca4
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ba40069f9ec6d491f4738cc1c346700ddeaf5ef616f46122d7f9ce71d7dc620
9f30fbff4739df789a1c0780726db8047d6f938c08fb6e1141c16073edac32d9
9f8842e4f3bd67f5b3c21f71826ccfaeff2dd9b5819ba6237f6a01d2b1b7652f
9fb81e868be5805e1144235dabf38abd4774653abccf6dc4553e6d2a7b05ee77
9fbd5cb0b8e5613304b5103acf4ef13fcc647b0dbecee8b91ea8ea7b8889bd58
9ff305ddc5f06665ba6ec74a3ce196188b721988fdc85c70fa7a9bbcc489741a
a0373d647fe10d48014be010baa35759546a2123c9bba2c1848c80c430f35fb0
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1aa0a3ab46cd2c4d6fb378b0686641e95231b84731b4dd7cc35c498ed04ed3a
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a208c67f6b1de1a9be7bca71a44e9adf7747f0db213a3a51e5789164d8660a60
a2b8b6157670f71b250cbc730866eb3d63ad3ce599e005b8d7de0f8ba22d8e4c
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a2f50d64674723894453137c93bfece119e87a82a064bec38e49498d3f74b68d
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4620d20bb154a490bb56f175a57db90f20bbee250a085a712b3bbe909e3c718
a76826ca1c189687ef0332e7772049eba3fa15fb151c68580f3a455b6bf390a7
a76da8994eb9d3e1e29cea24fe536861a3f45df3ba0084188d07d382e699c271
a78c1e4b9c3929cb8813cd757634d986854cdcbc944c82aac48db4e7be6a107e
a92bfee0ad85b81fef3eeb564bb7f167cbce7f07f24c3c1836e155561537f726
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9fc349c2b24d9a79160cc21a08c091cd8505d1c10e8c89d806d214d8ab04cff
acd60b4842a0f2c2526b0b678cb6e310533782795b3876c95677ff629f4deeaf
ad6aee54fd20e0831ce92fd75a4df84e6ef125ab27846d2d2daf93cc242b1b5a
ad9c4f18d21e57c6839eab899bd654c2693ce629a54221846efce89cb1017701
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1586e123719e6ab46a6f9cd934adad61f8782a03f15b1ab5cd8d39e2b7f32c7
b1adceac1e5be1bce251aec255762034ebb7cb60a53b6f6415322d5649234be6
b23f7d60bf3ab4e2017801779f13189a3035d2bb6e101795c71e49da221f53ea
b313fc959bf0675674d0841c82eab034823dd1bbcfe3b039457b916bc8086e0c
b35ef8312f063024fa009c1afd20ef499cee4415653f2d9f0ea3ecb9d646faa7
b36817a8f663f15268e57f1239930cdd703c6cacdbb7a4f5e5f75aaa56ae1b0c
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b467ee7d8596f1b6f92badef2417df25680041da3c6289fb431942c5f6babdf1
b494cb88d536d973909e640d9e06ac55f76132bb24c0ebac6c14cbb926df2762
b4ba9adec35f031a741feb26fe792ff4fcf44f21a6d2ecbe613885c9dca169cb
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
b5401418c9e294a9be8a00fb66139a2eb82eb04cf5c5d0ab85ec7acd14157435
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
b9a97383215e432e8c3557e15f2efc90c59141c1ebbf015a98cebd1c8f6d3cbd
ba78444bfbd7c20f571088bc949f4d6f0fc0a30dcc92e42bccc821c3216abbef
bb12f1b9b6d3171f23ada2b0c61fc393ea0dd63a2fe558efc7530f1565cf53e6
bd3a14351063c7733c4463cf2a918b348c6320efd21490aa36ced67e3e7692a8
bef565dc0623fe4b53da99c2db4810e148950a467f75607c2c1da66364bd1415
bf00a1d42dfd379e983ad66542c2956a80572289440f8e740ea30680564ef4a1
c1aed5a8fbb9970fdbfdcff15a5bd5db90910235764c6824bd387a3cd09a88b6
c249b3736c445ad0db403a60ffe95ee1a6ddee03036558a41e134bd3e6a5cc76
c473f62dbe573ab62084740ce339718b94f16e5e2b8fefbc1a5d14a260e5ef54
c6a5a6e426455f743e25a4a135dc8401b975e39d49c1be70816bc4c0cddf3de2
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c9d40ce2ffd160f99a1779168fba4773168986f866ba15cf1373b9bdbaea1fdd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca419686788ffefde8b85d068c045c6a9dbca96bac7b99d8d187270d439fc8a4
cadd78ac6f1a0c5c7fbb588e634feb8da47508cc5fd0ac0c3d86a6f007a1ac50
cb402c6d8defe14a3f6e4d58396081b435b2edafbd24cfa5738b9092668b4780
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2ce92ae5a6ba589284b67c485c4446101d80cf8feb81a41c20a3a5f730876a6
d64cdfc4dc204a4e869f4c78fcf122bad7fc589a2eacdd7afccbd2181414dc7a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da9b409e17b632f38a7dc2212ac5b8dc924bf1de9f39213d043d35077dadb147
dbf2c65c424ed53bbcfe6f55731658210a9e6fae208fe1cebf4395ce97f82bee
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de495615086d5c815a2b07dddb246c9ad6ca96f6f44de4975424586b5b91fbe3
de6be61fa50f184060d0d5585c8b9b7ac9738c8e37ae2bf95bff5cd6e581b57f
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
df57b4222bf91a426fd24197c8ab6b8aa4f7dfd443c5a8288331314f8963eb2b
dff98bad9db2e356ecc83f0b125d0c3e691a923048bbd03572b3a6c757b7f7cd
e0c22a31222b2016b64e5a3e168709bd3b535542612b32962bdacfed71c88660
e1d4bc8e70b1c0fb5674089c497c2674cf6e2df8b83502831f511db2d8747bb2
e227c9e9a7c24dea65ebeb4fa9a5e1f16d222dd231b86ac96e73bd5308a772d4
e26bf7ccd25f94513ed9207cdbdf986b6821d75a447816b3caa8ee33f3b840a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4df500a2107366df34007e5c0cbf531433d7d3ac7725a8b4725c7588f4ef6
e461ec99a1d40286ccdb0e737880e244c8e6dbb509f2a62e117a74e8a2c03065
e7ad9a7bd110cad2b9d97def78901aa89f75dc1b60d6c4cd9282fb6805c82f7c
e7e2cd4e212db2d31a8e64398f9711eccf07af9fd88607d84d744ec43b9eae52
e81e6056e68a328a8a38c71ab6ffd056ec91cdebc5a79f3c8e80f3e7607acf2f
e8f8d5829fc1bc5d517e9efdb2eb9e7b4d45fb8225919c6dfaec411eb3fdff00
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d
e9c0e37a2af5a201890dee5fa3429d12755f1048526b20f2f59fd361718995df
e9ddedb96658c31a0f211b71a1491b4da2fe35d39c4cec379b65bea9f536ed65
e9f9e2ddc9d17d90d34de3e1fd1f0bd8e828d14243a1905d96ead586835e0939
eb58c3395f4ebf567fdc5ce79ae7f6f3e2f0171bb9a72f4b44abc77f8815473b
ec1bef7dc833e146ba4722938f8120284370e3e61b94d11f1ac924c4bc9025a7
ec4bd70516e7a163eab20528f9f8b076a033592808085408079a2ff18262897e
ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b
ec75992b2219fffefcfe8ba6094466dc3aa5d410cba0a71da2052123448de0ec
ecfc4909de4b05f973467e30bb0e9d5c2498a51ddf3ca5eb9ff2428ca0da75b9
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef71c937db7d4381cd982493ff9728723d27dd44282cc5adef9e16bc7025ad26
f27def9acb53f27287b73f15b98b424b2227894d98f2a0c238f3e5e3b2843af2
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f520c0ad561d409cb88a915e37024ca88b1801f3e39e526d1b367cc67965df3f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3
f7c2b845f72a7f3873aedf22c690d3529076898d03fe61bad284628632435e2f
f8d79daad8f133b66cd3d02efd2097bf1e2a881312537ce64615949c656a0225
f8db6324c6ba366a80588c43aba01cb9eea37b6ac062d1b6d968130ddacebacf
f9e342cb4636775a2235de653172e308ea89266a07801484f3ec1ff40081fcf3
fa2e140022cad17cefedd7e6ccb42498e76740a9033a8dc3dcc78c8c11ce4545
fa6650b6933bbfb0eac06b4cce71024d6304e73908c7509cf349eb13e747196c
fad8328cacab619d02d3bda1c976adb0f7d45322a441d032dce13a97d8927372
fc1729886b9e86ac1b2b4b3ea679fbd404a51abf1ad076f185364c18a4327ed0
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fc6bb8a191839754ae1dfdb5ba224e6d3319218dd48e05722f5801610d16a007
fc969d00f9d7580d838302e9a78d3d559d1af95b48a5f24bd7481ea50ad80d64
fe570993c6522b9caf1ab960dae0ebcf505e00f3a2ede9d10493fe2a83c7f623
fe5a6983a1d1f9fefa2709ecba2a0462d600db113dbc93a1d8c4d220b48488e1